Hi
I'm trying to send a log from Bluecoat Cacheflow 5000 to splunkstorm with the format listed below
type elff "date time c-ip sc-bytes cs-bytes rs-bytes sr-bytes cs-host"
I am interested to get only the source address and host domain of all the conections crossing by the cacheflow.
I don´t have problem sending those logs to splunkstorm, but the information gathering is displayed in an unreadable format.
Does anybody know how make these posible.
Thanks in advance