I have a log that looks like this (with lot more fields):
04FEB2016_18:05:49.440 10789:1 INFO Struct='SListmanTskSubTranV6' IO='O' EventId=17086 Event='LISTMAN_UPDATE_FOR_EXEC_RPT REPORT' Order=1094966 To='MULT' ...
I want to extract events like these from Splunk and want the output to be a **VALID** json object. So in this case, output should look like:
{"Struct":'SListmanTskSubTranV6', "IO":'O', "EventId":17086, "Event":'LISTMAN_UPDATE_FOR_EXEC_RPT REPORT', "Order":1094966, "To":'MULT'}
Is there a way to achieve this in Splunk? Our string field values can have spaces or characters like `'`, `"`, `\`, etc. in it
↧