Hi all,
Here is how my raw logs look. I need help with props.conf so that I can index by the second time field instead of the first one.
Sep 19 12:45:19 129.106.x.x fdbsyslog: **timestamp=2017.09.19 - 12:25:16.056** devname=123 device_id=123 type=alert
Thanks in advance
↧