Hi,
I am using Expanded Snare syslog app in HF. But the problem here is the data is not getting parsed as per the props.conf in the app.
Do we have to install this app in indexers as well ? OR HF will do the parsing before sending the logs to indexers?
Please help!!
↧