Hi,
I have a timestamp problem on Splunk.
I am working with log file who looks like :
> numberline;date;ipsrc;ipdst> 102;13Jan2015;10.10.10.10;12.12.12.12
On splunk the date is 15 january but on the raw date we are in 13 january ...
I know that I have to configure propers.config,date_time.xml ect but what is the command to extract the date without space correctly ?
Thanks
Steve
↧