Hello All,
We have the cluster environment and the syslog data is coming in from UDP port, what we have requirement is parsing of some syslog data from particular hosts.
So usually will go with deploying `transforms.conf` and `props.conf` files for particular `sourcetype` to search heads but am not getting how we can achieve in this condition because we need to parse with by host.
Could you please help me on this?
↧