Hi,
I have a csv file with headers, and a preamble. I already have the fields being discovered, but I'm unable to get both filtered from indexing and hoping someone can help me. Here are examples of the lines that I want filtered:
1) `################################### Perfmon start:`
2)`#time,pkt_drop_percent,wire_mbits_per_sec.realtime,alerts_per_second,kpackets_wire_per_sec.realtime,avg_bytes_per_wire_packet,patmatch_percent,syns_per_second,synacks_per_second,`
Here's my props.conf:
PREAMBLE_REGEX = (^#time.+|^#########+)
ANNOTATE_PUNCT=false
MAX_TIMESTAMP_LOOKAHEAD = 35
SHOULD_LINEMERGE = false
LINE_BREAKER = ([\r\n]+)
TIME_PREFIX=^
I think that this should work, but it's not. Any ideas?
↧
