Hello All,
I was wondering if there is a way to cleanup the key value pair logging inside of snmptrapd? I am ingesting these logs with a UF and I do not want to perform rex sed from my indexers. Thanks.
Here is my current format string
vi /etc/snmp/snmptrapd.conf
`format2 Date = %y-%02.2m-%02.2l %02.2h:%02.2j:%02.2k\n%V\n%v\n---\n`
My logs look like this:
CISCO-LWAPP-DOT11-CLIENT-MIB::cldcApMacAddress.'....6C' = mac-address
CISCO-LWAPP-DOT11-CLIENT-MIB::cldcClientByIpAddressType.0 = ipv4
I would like them to look like this (before ingesting them into Splunk)
cldcApMacAddress = mac-address
cldcClientByIpAddressType = ipv4
↧