I have `INDEXED_EXTRACTIONS = json` and `TIMESTAMP_FIELDS = my_timestamp_field` in [my_json_type] stanza. This works when I upload a file and select my_json_type as source type. But when I post the exact same data via REST API's receiver endpoint, no field extraction happens. (Both datasets returned by search *sourcetype=my_json_type*.) How can I make this work for both file upload and REST API?
↧