Hi guys,
I was just looking at the outputs.confspec. I can see that the priority value can be set from 0 to 7.
We require this field to be dynamically set based on a value in the raw data, is this possible. For example, we wish to output the data as it is received by Splunk with the header intact. Any thoughts on configuring this?
Thanks very much,
Matt
