From 4880f17b150f4893e671b294436000c493f862b6 Mon Sep 17 00:00:00 2001 From: admingit Date: Thu, 18 Jan 2024 14:16:34 +0100 Subject: [PATCH] update-TA --- .DS_Store | Bin 0 -> 6148 bytes deployment-apps/.DS_Store | Bin 0 -> 22532 bytes .../4_2_0/lib/python3.8/site-packages/.DS_Store | Bin 0 -> 6148 bytes .../Splunk_TA_api-renault/local/props.conf | 7 +++++-- .../Splunk_TA_api-renault/local/transforms.conf | 11 ++++++++--- 5 files changed, 13 insertions(+), 5 deletions(-) create mode 100644 .DS_Store create mode 100644 deployment-apps/.DS_Store create mode 100644 deployment-apps/Splunk_SA_Scientific_Python_linux_x86_64/bin/linux_x86_64/4_2_0/lib/python3.8/site-packages/.DS_Store diff --git a/.DS_Store b/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..116d269d1f1a47d656aed241d1e3951bbed51e7b GIT binary patch literal 6148 zcmeHKJ5Iwu5Pcg`gn&d!MCA)Wh`4}>%n4G^LK0+}(7E9NktmV40tHv#3e=Po zbXdW#Z>5uY0ZH>uwJ8e!L_vih?Fa5>o?A_Qs zd}b;(FvJN8jF96B8RzF1V;je`6}YJG=Ju_*w>+b|$MuJoE#2dib+UZ6^Y3R>&vW;5 zFXu5a28;n?;IA;ink~{;3uvP;UxSOyH~aN2x0UD;`e;{58of8@jA;(#_91IEBS11sUO zCH4Q{^ZtK6$*zn6W8hyg;Oa>)>GDWgTNe%|wKk$2QAH%K3^+~U#Ft{mN-5r?dZ9g% W2{BeI1JXjV9|2E;4aUHaGVl&t16g_i literal 0 HcmV?d00001 diff --git a/deployment-apps/.DS_Store b/deployment-apps/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..c0f928359cdc0164520f650b21a089e5745e8080 GIT binary patch literal 22532 zcmeI4ZEPGz8OLW6Uu98%Y@Tht3AqHh*XQ_=*r$Zp)U5eZmLphX~^?XzPW`+QFB zV#g5@7GFSx52UCnQfM30s!G}tQXy3-AQeJF8&GH}q4J?rEwmp32nZ4=hzg1SGkdf9 z%-x)CXLc>2vMcS)-QGUW%>TDDv-7qqgz)YUUT;U-hmZJ5@~3{e!b`ww`%Fni7`>&N$1*gpX4Suu?mX2cZY+Y4Vg{HA!P#KPc9szq3M5WLdy-`(GQTvvX!u}5-$3oG=+^cMd+J)l`e+o zo8x$vPDj{R2^am)Hy567F1$+2)N!HBld&Vr;s-XbPX_5nN+2a*Akd3rUB-T90sYK8 zdW}W&AB*S#m(lkeMvpQlc8L46{%+H)N8P;ezV8oz^=x;g@9U5r)~{`e=Sk~TXO2M_ z#s*CN@Fn?x(q}+yg2oDTR#ScPJ#ub;zw&*>EoM47!{of`JTDSY8WpJ>*O)_Y8^g#( zxrSNmI~~!iIG5AkIjOirh>vTxv()sp4UxXi#`@~!kJdNtwD-VufA8x*P`WMC!5O%F z(RmCKkM=q|3Y8JHF|C9g?YKUQ4cA=ieL-n%7#CM*W2fmlHcPt9_0*gQbm1z~SREVf z)0Dn&e50EeuKmF~&M55;>ESfudD8g2c#8O3YrO9BlF2CUDf4m^)gN2U;kT*2eBbAX z+&ytlkG=8>#mO;UoK<{p8n4x|oLn7=SM}X@^*;}TP-I)qWM=(2#l*rs7(s4vvDb9B zXOVPqT_oMp$RT;OK&DZuFm8@;K`Tw-^snRi;#{7}yrj4|r;X>9B>ZXI#AV{9U$cJP zQ)kgOqnQf-vn)&6m?&$URzAML#+GyG9eY>JF+`4=b8xZObT%ueV5gJ1crWhuO9JF@v-Ny2p_JN5$Qk zpDN3_q&&h&SuXUssJ1M1lr24Q{g;0hlm%-qVNK!gMdQ)-Q{s_sDS?zgG6c55O$X+_ zH=$nHF6)ndxWCdIv)>z|x#Jva)M?y#=Y-x;7b|bHv*z{6O~q}0_}D#iuG=DhUbnh= z(CQNi$F{bje-bt7A*h{#(h}-Zx|5Rn5oiYo{eI%jN4Mmyo#4Au7*_Lab{92&d!alrvxY!$Xt9+)e^Bh#t>WYHA%G6V% zwH=4B>-SL6bsWkqthx5rAGxI3OjaI3^==+?{X-Cd^(1~dSNi9nbfjMX?%vVZg6sU( z$v|g=czAw}Zl&vy{iQ7Q(3+ioEMMA*@IL67L0LVBt4gDlwySpDg5uadIg{qI0h0v$ zhB+chzdBc0A9h!`?m~?qR~k9690p4#Kb+r{3jsezUm>%&z6_j9YsRR5Njq%+Ujl8GK0?K=J`5a)Mbg_HaA;~DSgd{L#5TVh z5R2_KWSE>+ovLi@ZZPC7zjme()p67xRD0Op4cCKgV!k=!QsxtCft= zt}~R&68c}%7mH9TSNsGVt$lEAJ)aD?Irs@V#qpza>4PM!W~hBa%;)0QT9N2@N8CMe zMrS@7Fmg;6?+?ZIrt{K9k$6wg=M{O})oTVVHS%NShqHQef56JoSD2^b`Z91b^}Nh$ zWTHQRcr&;q;+J#$>z4zL3Hc7WChgn6nd*|wa`v1*%bAn&JT${a>jtPlF^+k#y%yw<=`h|6~~W(OEX%xH19(zFHw_es+(?p7OJbx;F?~$ zd|s`Ns5vW4as9Kj^klw;$nfOr4qOGAh1xB)YpD@U)7Ag;v~+$o$e)@IUenb(M@t8q z0oXc0qm2AQJt3L}_4&~FZV5-{Wg6+J+}kjBdb`-9rxdeA)*iT)E6-iJk}1o)Vwn!E z*4>NFqn&tkV4jRxP}Oylzb3qhHt3f?iPoWLvuEDzH*B-B<{ZBG=<6zfS;Ws7xOw3E zy}rw&zXhw*v}d`sE57OrR6o?5!?kSe{+sG+7|shz%Tnj@bcyDRl&%QRnCmIsIzncZ z?c)d|c;H0YQ|b{c^%O5sv`ajnuBG&z-~4{*vpLYt^h=O3piKWyMv6y;&F7{KQ^ zasyrY34EVHz9)Grj9yie|-G^?c<+ot5XYBE-kbgPkSUm+60t z^mS?ZDu*0T>%FPIp?0B~OQ$)?8JtO)tJY?T^KM?a{^4%~tx1RUa31kIaXyu2Yj3Dp zFHd))9FFC|MzvG-;d>rO2T{uCxe8*X-W}tQj~xi^T| zI<`T2|IgjH%6R7=fB#<}ey3YXASLh~C*U;=>>0QVBE337=@G&#_95)F(RqvX1slH8 z-xSJM@!$u&isu13MjMU~$uIu*Mf&d1Q5i~8{PN%8v+OScO8fsbgYUmh)G%tm+YNTT cc;0rfv*hiewEvG$FVsW1#1&tMF0Q* literal 0 HcmV?d00001 diff --git a/deployment-apps/Splunk_SA_Scientific_Python_linux_x86_64/bin/linux_x86_64/4_2_0/lib/python3.8/site-packages/.DS_Store b/deployment-apps/Splunk_SA_Scientific_Python_linux_x86_64/bin/linux_x86_64/4_2_0/lib/python3.8/site-packages/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..312b81f98cde9c580b56a7fe2fa7b75f013d7967 GIT binary patch literal 6148 zcmeHKu};H44E41|DzHRMz`{-J`GZh}g*88b(xMirQK|~|^b?TyAQrZcd;&j!#0T(v zHX$KFVnV30CEvT8?K|gP71u=MCikn z>v-G3e`G)|H^;r*K^ylsEsGT=JUoBh0LJvqrzq1jUzR!B-fpv#gNNsfe!tnT{8o!N ztIxc8!dA2wa#|y+1^=Qxt;L7?{eL^io{Rxw zV5b;xqclq=cqOf^otNWU>!H_B7WS(I>kv#rDTXhX;$vtKtb3jS6U9mpD-io55NNQ$ J82D2LJ^+)xPyzq| literal 0 HcmV?d00001 diff --git a/deployment-apps/Splunk_TA_api-renault/local/props.conf b/deployment-apps/Splunk_TA_api-renault/local/props.conf index 50da2beb..fd45a87d 100644 --- a/deployment-apps/Splunk_TA_api-renault/local/props.conf +++ b/deployment-apps/Splunk_TA_api-renault/local/props.conf @@ -1,2 +1,5 @@ -[_json] -TRANSFORMS-set=json_transform \ No newline at end of file +#[_json] +#TRANSFORMS-set=json_transform + +[syslog] +SEDCMD-remove-dashes = s/-//g \ No newline at end of file diff --git a/deployment-apps/Splunk_TA_api-renault/local/transforms.conf b/deployment-apps/Splunk_TA_api-renault/local/transforms.conf index 74643a3e..b4f01683 100644 --- a/deployment-apps/Splunk_TA_api-renault/local/transforms.conf +++ b/deployment-apps/Splunk_TA_api-renault/local/transforms.conf @@ -1,3 +1,8 @@ -[extract-fields] -REGEX = \{\"(?[^\"]+)\"\} -FORMAT = $1::$json_data \ No newline at end of file +#[extract-fields] +#REGEX = \{\"(?[^\"]+)\"\} +#FORMAT = $1::$json_data + +[custom-fields] +REGEX = ^(\S+)\s+(\S+)\s+(\S+)\s+(\S+) +FORMAT = Registration::$1 Brand::$2 Model::$3 VIN::$4 +