Hi...
I have a AS400 syslog file. for which I am want to configure splunk to pick up the events at every 2 lines. Please advise which is the best way to do it
Sample log
5761SS1 V6R1M0 080215 History Log Page 0001
MSGID SEV MSG TYPE
**Start of the event**
CPF1124 00 INFO Job 252582/QTMHHTTP/QIWIRELESS started on 07/04/16 at 00:00:21 in subsystem QHTTPSVR in QHTTPSVR. Job ent
QIWIRELESS QTMHHTTP 252582 QWTPIIPP 0000 07/04/16 00:00:22.002029 QTMHHTTP
**End of the Event**
CPF1164 00 COMPLETION Job 252582/QTMHHTTP/QIWIRELESS ended on 07/04/16 at 00:00:22; .034 seconds used; end code 0
QIWIRELESS QTMHHTTP 252582 QWTMCEOJ 0000 07/04/16 00:00:22.701533 QTMHHTTP
CPF1124 00 INFO Job 252583/QPM400/Q1PDR started on 07/04/16 at 00:00:23 in subsystem QSYSWRK in QSYS. Job entered system
Q1PDR QPM400 252583 QWTPIIPP 0000 07/04/16 00:00:23.286025 QPM400
↧