Hi, I need to transform the input logs into different format.I used props.conf and transforms .conf to change the format of the log,still i need some more clarifications.The input log is of the format 2013/11/22 00:03:21 [therws] User activity containing filename(ascii) 2013/11/22 00:03:21 [tergs] User activity containing filename(binary) I should transform the above said log to the following format
dayofweek|month|day|time of day|year|filename|(a)|User activity where a is for ascii file
In transforms.conf ,with the help of REGEX i can extract the things which i want to display and using FORMAT I display the events to my need.My doubt is where to place the conditions so that i should check whether the file is ascii and set to (a) in my output format of the log.