Ferry Leirissa's Page

Gifts Received

Ferry Leirissa has not received any gifts yet

Give Ferry Leirissa a Gift

Latest Activity

Ferry Leirissa replied to James Esposito's discussion 'Need RegEx Help Please!'

Hai Micheal, Whats the total input here, can you sent me it as well? Cause you dont have the fields decribed here now right? What is your advice, to do FORMAT or inline? Cheers Ferry

April 6

Ferry Leirissa replied to James Esposito's discussion 'Need RegEx Help Please!'

Hai James, This is syslog right? I am happy to help you, can you sent me a part of the logile? So I have some mass data to doublecheck before twaeking afterwards. Please sent it to leirissa@hotmail.com Thanks Ferry

April 5

Ferry Leirissa replied to Patrick Swackhammer's discussion 'Regex For Identifying IP Addresses (To Extract Field)'

Oops paste errors.... * | rex "v630\/(?P\d+\.\d+\.\d+\.\d+)" then you get the IP as a field,,hope this helps! Cheers Ferry

March 17

Ferry Leirissa replied to Patrick Swackhammer's discussion 'Regex For Identifying IP Addresses (To Extract Field)'

Hai Patrick, Guest you have to dig into the pre and postfix part : (?i) accepted: (?P.*) means : search for accepted: and put everyting .* after that in FIELDNAME Thist wil not work for the other example....based on that info you have to use someh…

March 17

Ferry Leirissa replied to Ziad's discussion 'Light forwarder sends directly to an Index on the splunk server'

Yes its possible, you can read it on http://www.splunk.com/support/forum:SplunkAdministration/3994 You have to edit the props and transforms (on receive) like : props.conf [host::devhost*] TRANSFORMS-dev = IndexIs-dev [host::prodhost*] TRANSFORMS…

March 17

Ferry Leirissa updated their profile

March 14

Ferry Leirissa updated their profile photo

March 14

Ferry Leirissa is now a member of splunkninja

Welcome Them!

March 14