diff --git a/apps/learned/default/README b/apps/learned/default/README
new file mode 100755
index 00000000..019381ff
--- /dev/null
+++ b/apps/learned/default/README
@@ -0,0 +1,6 @@
+
+This directory contains automatically generated sourcetypes. 
+
+   * sourcetypes.conf -- document models of sourcetype classification.
+   * props.conf -- settings for each discovered sourcetype.
+
diff --git a/apps/learned/local/props.conf b/apps/learned/local/props.conf
new file mode 100644
index 00000000..9c8c46fc
--- /dev/null
+++ b/apps/learned/local/props.conf
@@ -0,0 +1,741 @@
+[first_install-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[audit_v-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[cloudgateway_untracked-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[supervisor-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-ipc_broker-stdout-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-spotlight-collector-stdout-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-spotlight-collector-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-edge-processor-config-stdout-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-cmp-orchestrator-stdout-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[spl2-orchestrator-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-cmp-orchestrator-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[language-server-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-identity-stdout-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[export_metrics-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-postgres-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-postgres-stdout-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-agent-manager-stdout-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-opamp-svc-stdout-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[splunk_instrumentation-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[supervisor-2]
+MAX_TIMESTAMP_LOOKAHEAD = 68
+SHOULD_LINEMERGE = False
+TIME_PREFIX = (?:.*?:){2}
+is_valid = True
+
+[sup-pkg-postgres-stdout-2]
+MAX_TIMESTAMP_LOOKAHEAD = 63
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[splunk_archiver-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[splunk_o11y_app-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-ipc_broker-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-identity-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-agent-manager-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[language-server-2]
+MAX_TIMESTAMP_LOOKAHEAD = 58
+SHOULD_LINEMERGE = False
+TIME_PREFIX = :
+is_valid = True
+
+[sup-pkg-edge-processor-config-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-opamp-svc-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-edge-processor-config-stdout-2]
+is_valid = True
+
+[sup-pkg-cmp-orchestrator-stdout-2]
+MAX_TIMESTAMP_LOOKAHEAD = 68
+TIME_PREFIX = (?:.*?:){2}
+is_valid = True
+
+[splunk_archiver-2]
+MAX_TIMESTAMP_LOOKAHEAD = 49
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-ipc_broker-stdout-2]
+MAX_TIMESTAMP_LOOKAHEAD = 68
+TIME_PREFIX = (?:.*?:){2}
+is_valid = True
+
+[sup-pkg-cmp-orchestrator-4]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+is_valid = True
+
+[sup-pkg-postgres-4]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-edge-processor-config-4]
+MAX_TIMESTAMP_LOOKAHEAD = 44
+is_valid = True
+
+[sup-pkg-opamp-svc-3]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-spotlight-collector-3]
+MAX_TIMESTAMP_LOOKAHEAD = 47
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-5]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-opamp-svc-4]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-6]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-7]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[apifilesave-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[gt_icon_collection-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-postgres-8]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[user_access_interface-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-postgres-9]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-10]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[mad_rest-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-postgres-11]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[unix_sc_rest-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[unixalertevents-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[unixalertsconfig-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[unixheadlines-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[unixsetup-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[unix_configured_handler-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[upgrader_package_delivery-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sup-pkg-postgres-12]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sa-itsi-ai-summarization-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[sa-itsi-at-recommendations-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[upgrader_package_delivery-2]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-13]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[splunk_instrumentation-2]
+MAX_TIMESTAMP_LOOKAHEAD = 44
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-14]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-15]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-16]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-17]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-18]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-19]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-20]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-21]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-22]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-23]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-24]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-25]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-26]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-27]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-28]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-spotlight-collector-4]
+MAX_TIMESTAMP_LOOKAHEAD = 47
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-29]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-30]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-31]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[sup-pkg-postgres-32]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[gt_icon_collection-2]
+MAX_TIMESTAMP_LOOKAHEAD = 44
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[splunk_secure_gateway_modular_input.log]
+MAX_TIMESTAMP_LOOKAHEAD = 44
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[itsi_untracked-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_apply_at_outliers-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_custom_threshold_window_overlaps_detector]
+MAX_TIMESTAMP_LOOKAHEAD = 48
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[itsi_age_kpi_alert_value_cache-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_backfill-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_content_pack_authorship]
+MAX_TIMESTAMP_LOOKAHEAD = 48
+is_valid = True
+
+[itsi_content_packs_itsicli-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_content_packs_itsimodels]
+MAX_TIMESTAMP_LOOKAHEAD = 44
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[itsi_csv_import]
+MAX_TIMESTAMP_LOOKAHEAD = 48
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[itsi_episode_summarization_cleanup-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_exported_episode_files_cleaner]
+MAX_TIMESTAMP_LOOKAHEAD = 48
+is_valid = True
+
+[itsi_hec_init-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_maintenance_calendar_retention-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_nats_certificates_auto_rotation-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_notable_event_actions_consumer_assigning-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_notable_event_hec_init-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_queue_consumer_size_checker-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_user_access_init-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_backfill_record_cleanup-backfill_cleanup-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_content_packs_itoa-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_content_packs_retrieve-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_content_packs_saved_search_status-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_command_change_rules_engine_process-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi-nats-server]
+MAX_TIMESTAMP_LOOKAHEAD = 56
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[itsi_content_packs_preview-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_content_packs_install-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_command_getservice-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[unix_installer-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_ai_summary_worker]
+MAX_TIMESTAMP_LOOKAHEAD = 73
+is_valid = True
+
+[itsi_command_batch_at-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_appserver.log-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_queue_re_init.log]
+MAX_TIMESTAMP_LOOKAHEAD = 44
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[itsi_license_checker.log-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_license_checker.log-2]
+MAX_TIMESTAMP_LOOKAHEAD = 44
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[itsi_nats_mod_input.log]
+MAX_TIMESTAMP_LOOKAHEAD = 48
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[itsi_command_health_monitor.log-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_command_set_severity_fields_v2.log-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_backup_restore-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[itsi_default_correlation_search_acl_loader.log]
+MAX_TIMESTAMP_LOOKAHEAD = 48
+is_valid = True
+
+[trackme_audit_events-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[trackme_state_events-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[trackme_handler_events-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[trackme_state_events-2]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[trackme_handler_events-2]
+MAX_TIMESTAMP_LOOKAHEAD = 40
+SHOULD_LINEMERGE = False
+is_valid = True
+
+[git_pusher-too_small]
+PREFIX_SOURCETYPE = True
+SHOULD_LINEMERGE = False
+is_valid = True
+maxDist = 9999
+
+[git_pusher_startup-too_small]
+PREFIX_SOURCETYPE = True
+is_valid = True
+maxDist = 9999
+
+[git_pusher-3]
+MAX_TIMESTAMP_LOOKAHEAD = 44
+is_valid = True
+
+[git_pusher_startup-2]
+MAX_TIMESTAMP_LOOKAHEAD = 44
+is_valid = True
+
+[mlspl.log]
+MAX_TIMESTAMP_LOOKAHEAD = 73
+is_valid = True
+
+[git_pusher-5]
+MAX_TIMESTAMP_LOOKAHEAD = 44
+is_valid = True
diff --git a/apps/learned/local/sourcetypes.conf b/apps/learned/local/sourcetypes.conf
new file mode 100644
index 00000000..612aece0
--- /dev/null
+++ b/apps/learned/local/sourcetypes.conf
@@ -0,0 +1,3796 @@
+[/opt/splunk/var/log/splunk/supervisor.log_Sun_Oct_19_17:09:31_2025_1474066726]
+L-{\\"\\":\\"\\",\\"\\": = 0.689130
+_source = /opt/splunk/var/log/splunk/supervisor.log
+_sourcetype = supervisor-2
+address = 0.002174
+admin = 0.002174
+agent = 0.002174
+allocate = 0.002174
+allocating = 0.002174
+arch = 0.002174
+async = 0.002174
+begin = 0.002174
+bfd = 0.002174
+broker = 0.002174
+check = 0.002174
+client = 0.002174
+cmp = 0.002174
+collector = 0.002174
+command = 0.002174
+communication = 0.002174
+completed = 0.002174
+component = 0.002174
+compsup = 0.002174
+config = 0.002174
+connect = 0.002174
+connection = 0.002174
+control = 0.002174
+count = 0.002174
+creating = 0.002174
+daemon = 0.002174
+data = 0.002174
+dataplane = 0.002174
+deregistration = 0.002174
+desired = 0.002174
+desiredpackagename = 0.002174
+desiredstate = 0.002174
+dial = 0.002174
+dir = 0.002174
+directory = 0.002174
+download = 0.002174
+downloading = 0.002174
+duration = 0.002174
+durationms = 0.002174
+edge = 0.002174
+enablenodeflavor = 0.002174
+end = 0.002174
+endpoint = 0.002174
+error = 0.002174
+etc = 0.002174
+executing = 0.002174
+extract = 0.002174
+extracted = 0.002174
+extraction = 0.002174
+factories = 0.002174
+failed = 0.002174
+false = 0.002174
+fea = 0.002174
+fee = 0.002174
+file = 0.002174
+finished = 0.002174
+flag = 0.002174
+for = 0.002174
+get = 0.002174
+heartbeat = 0.002174
+heartbeats = 0.002174
+hostname = 0.002174
+https = 0.002174
+identity = 0.002174
+info = 0.002174
+ipc = 0.002174
+isshc = 0.002174
+job = 0.002174
+jobname = 0.002174
+level = 0.002174
+listener = 0.002174
+location = 0.002174
+log = 0.002174
+logging = 0.002174
+loglevel = 0.002174
+manager = 0.002174
+manifest = 0.002174
+match = 0.002174
+message = 0.002174
+methods = 0.002174
+name = 0.002174
+nascent = 0.002174
+node = 0.002174
+not = 0.002174
+nothing = 0.002174
+number = 0.002174
+opamp = 0.002174
+opt = 0.002174
+orchestrator = 0.002174
+package = 0.002174
+packagename = 0.002174
+packageroot = 0.002174
+packages = 0.002174
+pkg = 0.002174
+pkgreconciler = 0.002174
+plane = 0.002174
+port = 0.002174
+post = 0.002174
+postgres = 0.002174
+process = 0.002174
+processor = 0.002174
+reconcile = 0.002174
+refused = 0.002174
+registered = 0.002174
+registering = 0.002174
+registration = 0.002174
+retry = 0.002174
+run = 0.002174
+runner = 0.002174
+running = 0.002174
+runreconciler = 0.002174
+runupdates = 0.002174
+semver = 0.002174
+server = 0.002174
+service = 0.002174
+set = 0.002174
+settingshash = 0.002174
+sidecar = 0.002174
+sidecarid = 0.002174
+sidecars = 0.002174
+sockets = 0.002174
+spec = 0.002174
+spotlight = 0.002174
+start = 0.002174
+starting = 0.002174
+status = 0.002174
+supervisor = 0.002174
+svc = 0.002174
+tarball = 0.002174
+target = 0.002174
+tcp = 0.002174
+the = 0.002174
+time = 0.002174
+true = 0.002174
+untar = 0.002174
+updating = 0.002174
+use = 0.002174
+var = 0.002174
+version = 0.002174
+versionid = 0.002174
+via = 0.002174
+will = 0.002174
+yaml = 0.002174
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres-stdout.log_Sun_Oct_19_17:09:31_2025_686783033]
+L-{\\"\\":\\"--::. = 0.547210
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres-stdout.log
+_sourcetype = sup-pkg-postgres-stdout-2
+acb = 0.002146
+acc = 0.002146
+acies = 0.002146
+address = 0.002146
+age = 0.002146
+already = 0.002146
+and = 0.002146
+api = 0.002146
+apiserver = 0.002146
+arguments = 0.002146
+assigned = 0.002146
+assignroletouser = 0.002146
+auth = 0.002146
+baselocation = 0.002146
+body = 0.002146
+bootstrappostgres = 0.002146
+builds = 0.002146
+bundle = 0.002146
+called = 0.002146
+canceled = 0.002146
+cert = 0.002146
+certbundle = 0.002146
+certificate = 0.002146
+check = 0.002146
+checkhealth = 0.002146
+checking = 0.002146
+code = 0.002146
+collate = 0.002146
+collector = 0.002146
+com = 0.002146
+completed = 0.002146
+components = 0.002146
+config = 0.002146
+conn = 0.002146
+connection = 0.002146
+context = 0.002146
+control = 0.002146
+core = 0.002146
+created = 0.002146
+createdatabase = 0.002146
+createrole = 0.002146
+createuser = 0.002146
+creation = 0.002146
+ctype = 0.002146
+dal = 0.002146
+data = 0.002146
+dataaccesslayer = 0.002146
+database = 0.002146
+databases = 0.002146
+date = 0.002146
+dbname = 0.002146
+dbuser = 0.002146
+default = 0.002146
+dereference = 0.002146
+dir = 0.002146
+directory = 0.002146
+eac = 0.002146
+enabled = 0.002146
+entrypoint = 0.002146
+err = 0.002146
+error = 0.002146
+etc = 0.002146
+exists = 0.002146
+exit = 0.002146
+failed = 0.002146
+fetch = 0.002146
+file = 0.002146
+filename = 0.002146
+for = 0.002146
+func = 0.002146
+function = 0.002146
+generating = 0.002146
+gethealthstatus = 0.002146
+goroutine = 0.002146
+granted = 0.002146
+handler = 0.002146
+handlerfunc = 0.002146
+health = 0.002146
+healthcheck = 0.002146
+http = 0.002146
+https = 0.002146
+info = 0.002146
+information = 0.002146
+initialization = 0.002146
+initializing = 0.002146
+initshccomponents = 0.002146
+internal = 0.002146
+interval = 0.002146
+invalid = 0.002146
+ipc = 0.002146
+ishealthy = 0.002146
+key = 0.002146
+kvstore = 0.002146
+level = 0.002146
+libraries = 0.002146
+limit = 0.002146
+line = 0.002146
+local = 0.002146
+log = 0.002146
+logging = 0.002146
+manager = 0.002146
+memory = 0.002146
+metadata = 0.002146
+mod = 0.002146
+module = 0.002146
+msg = 0.002146
+nanny = 0.002146
+ncd = 0.002146
+ncreate = 0.002146
+ncreated = 0.002146
+net = 0.002146
+new = 0.002146
+ngoroutine = 0.002146
+nil = 0.002146
+nnet = 0.002146
+npanic = 0.002146
+null = 0.002146
+oas = 0.002146
+opamp = 0.002146
+opt = 0.002146
+owner = 0.002146
+package = 0.002146
+packages = 0.002146
+panic = 0.002146
+password = 0.002146
+path = 0.002146
+pdl = 0.002146
+pem = 0.002146
+permission = 0.002146
+permissions = 0.002146
+pkg = 0.002146
+pointer = 0.002146
+port = 0.002146
+post = 0.002146
+postgres = 0.002146
+postgresplugin = 0.002146
+postgressubprocess = 0.002146
+primary = 0.002146
+process = 0.002146
+processmanager = 0.002146
+read = 0.002146
+received = 0.002146
+replica = 0.002146
+request = 0.002146
+role = 0.002146
+rolename = 0.002146
+root = 0.002146
+rotation = 0.002146
+run = 0.002146
+running = 0.002146
+runtime = 0.002146
+schema = 0.002146
+sdk = 0.002146
+search = 0.002146
+secret = 0.002146
+sending = 0.002146
+serve = 0.002146
+servehttp = 0.002146
+servemux = 0.002146
+server = 0.002146
+serverhandler = 0.002146
+service = 0.002146
+services = 0.002146
+serving = 0.002146
+setting = 0.002146
+setup = 0.002146
+setuppostgres = 0.002146
+setuppostgresprocess = 0.002146
+sidecar = 0.002146
+sidecars = 0.002146
+skipping = 0.002146
+source = 0.002146
+splunkdev = 0.002146
+src = 0.002146
+ssl = 0.002146
+start = 0.002146
+started = 0.002146
+starting = 0.002146
+startprocesses = 0.002146
+status = 0.002146
+stopping = 0.002146
+store = 0.002146
+subprocess = 0.002146
+subprocesses = 0.002146
+successfully = 0.002146
+super = 0.002146
+superuser = 0.002146
+table = 0.002146
+telemetry = 0.002146
+telemetrymodule = 0.002146
+teleport = 0.002146
+teleportplugin = 0.002146
+template = 0.002146
+time = 0.002146
+tls = 0.002146
+tpostgres = 0.002146
+traefik = 0.002146
+true = 0.002146
+truncate = 0.002146
+user = 0.002146
+username = 0.002146
+users = 0.002146
+using = 0.002146
+usr = 0.002146
+var = 0.002146
+version = 0.002146
+with = 0.002146
+workload = 0.002146
+write = 0.002146
+xbe = 0.002146
+zone = 0.002146
+
+[/opt/splunk/var/log/splunk/language-server.log_Sun_Oct_19_17:30:50_2025_667066617]
+L-{\\"\\":\\"--::. = 0.825000
+_source = /opt/splunk/var/log/splunk/language-server.log
+_sourcetype = language-server-2
+accepted = 0.008333
+client = 0.008333
+connection = 0.008333
+info = 0.008333
+initializing = 0.008333
+language = 0.008333
+level = 0.008333
+listening = 0.008333
+lsp = 0.008333
+message = 0.008333
+opt = 0.008333
+orchestrator = 0.008333
+port = 0.008333
+run = 0.008333
+server = 0.008333
+sock = 0.008333
+sockets = 0.008333
+spl = 0.008333
+started = 0.008333
+timestamp = 0.008333
+var = 0.008333
+
+[/opt/splunk/var/log/splunk/sup-pkg-edge-processor-config-stdout.log_Sat_Oct_25_17:38:57_2025_664940085]
+L- = 0.007906
+L-(_(_)\\\\_|_' = 0.011178
+L-..:___ = 0.014449
+L-::,_|-__.. = 0.029444
+L-::,_|-__L7(L7) = 0.028353
+L-_/\\\\\\\\_/_'__ = 0.010905
+L-_::___::__ = 0.011450
+L-_EQEQEQEQEQEQEQEQEQ = 0.010905
+L-_\\\\\\\\/__)|_| = 0.011450
+L-__ = 0.005998
+L-__'__||_.| = 0.011178
+L-__._______ = 0.010632
+L-t_....$$(. = 0.030534
+L-t_....$.(. = 0.030262
+L-t_....(.:) = 0.025627
+L-t_.....(.: = 0.031625
+L-t_......$$ = 0.028626
+L-t_......(. = 0.030534
+L-t_.......( = 0.027808
+L-t_.@../... = 0.017721
+L-{\\"@\\":\\"--:: = 0.048528
+L-{\\"\\":\\"----\\" = 0.154580
+L-{\\"\\":\\"\\",\\"@\\" = 0.070611
+L-{\\"\\":\\"\\",\\"\\": = 0.125409
+_source = /opt/splunk/var/log/splunk/sup-pkg-edge-processor-config-stdout.log
+_sourcetype = sup-pkg-edge-processor-config-stdout-2
+
+[/opt/splunk/var/log/splunk/sup-pkg-edge-processor-config-stdout.log_Sat_Oct_25_17:38:57_2025_1083946308]
+L-{\\"@\\":\\"--:: = 0.123611
+L-{\\"\\":\\"\\",\\"@\\" = 0.179861
+L-{\\"\\":\\"\\",\\"\\": = 0.319444
+_source = /opt/splunk/var/log/splunk/sup-pkg-edge-processor-config-stdout.log
+_sourcetype = sup-pkg-edge-processor-config-stdout-2
+
+[/opt/splunk/var/log/splunk/sup-pkg-edge-processor-config-stdout.log_Sat_Oct_25_17:38:57_2025_81843992]
+L-{\\"@\\":\\"--:: = 0.145663
+L-{\\"\\":\\"\\",\\"@\\" = 0.211948
+L-{\\"\\":\\"\\",\\"\\": = 0.211129
+_source = /opt/splunk/var/log/splunk/sup-pkg-edge-processor-config-stdout.log
+_sourcetype = sup-pkg-edge-processor-config-stdout-2
+
+[/opt/splunk/var/log/splunk/sup-pkg-edge-processor-config-stdout.log_Sat_Oct_25_17:38:57_2025_592469891]
+L- = 0.002873
+L-(_(_)\\\\_|_' = 0.004062
+L-....:_____ = 0.075292
+L-::,_|-__.. = 0.010699
+L-::,_|-__L7(L7) = 0.010303
+L-_/\\\\\\\\_/_'__ = 0.003963
+L-_::___::__ = 0.004161
+L-_:_....:__ = 0.014761
+L-_:_...:___ = 0.009610
+L-_EQEQEQEQEQEQEQEQEQ = 0.003963
+L-_\\\\\\\\/__)|_| = 0.004161
+L-__ = 0.002180
+L-__'__||_.| = 0.004062
+L-__._______ = 0.003864
+L-t...__ = 0.001189
+L-t_....$.(. = 0.013671
+L-t_....(.:) = 0.009312
+L-t_.....$$$ = 0.008025
+L-t_.....$.( = 0.009312
+L-t_.....(.: = 0.008916
+L-t_......$$ = 0.011492
+L-t_......(. = 0.007133
+L-t_.......( = 0.011690
+L-{\\"@\\":\\"--:: = 0.102932
+L-{\\"\\":\\"\\",\\"@\\" = 0.031405
+L-{\\"\\":\\"\\",\\"\\": = 0.557955
+_source = /opt/splunk/var/log/splunk/sup-pkg-edge-processor-config-stdout.log
+_sourcetype = sup-pkg-edge-processor-config-stdout-2
+
+[/opt/splunk/var/log/splunk/sup-pkg-cmp-orchestrator-stdout.log_Sat_Oct_25_17:38:58_2025_1476162846]
+L-{\\"\\":,\\"\\":\\"\\" = 0.708165
+L-{\\"\\":\\"\\",\\"\\": = 0.170574
+_source = /opt/splunk/var/log/splunk/sup-pkg-cmp-orchestrator-stdout.log
+_sourcetype = sup-pkg-cmp-orchestrator-stdout-2
+
+[/opt/splunk/var/log/splunk/sup-pkg-cmp-orchestrator-stdout.log_Sat_Oct_25_17:38:58_2025_1558550344]
+L-{\\"\\":\\"\\",\\"\\": = 0.937778
+_source = /opt/splunk/var/log/splunk/sup-pkg-cmp-orchestrator-stdout.log
+_sourcetype = sup-pkg-cmp-orchestrator-stdout-2
+check = 0.004444
+enterprise = 0.004444
+health = 0.004444
+healthy = 0.004444
+hostname = 0.004444
+info = 0.004444
+level = 0.004444
+location = 0.004444
+message = 0.004444
+passed = 0.004444
+plugin = 0.004444
+runtimestatus = 0.004444
+service = 0.004444
+time = 0.004444
+
+[/opt/splunk/var/log/splunk/splunk_archiver.log_Sat_Oct_25_17:39:03_2025_1050017487]
+L---_::,_+_t = 0.937500
+_source = /opt/splunk/var/log/splunk/splunk_archiver.log
+_sourcetype = splunk_archiver-2
+archivebuckets = 0.006944
+copybuckets = 0.006944
+dispatching = 0.006944
+info = 0.006944
+json = 0.006944
+providers = 0.006944
+search = 0.006944
+the = 0.006944
+vixes = 0.006944
+
+[/opt/splunk/var/log/splunk/sup-pkg-ipc_broker-stdout.log_Sat_Oct_25_21:52:23_2025_1042601451]
+L-___:__//?EQ = 0.141321
+L-{\\"\\":\\"\\",\\"\\": = 0.615975
+_source = /opt/splunk/var/log/splunk/sup-pkg-ipc_broker-stdout.log
+_sourcetype = sup-pkg-ipc_broker-stdout-2
+able = 0.001536
+address = 0.001536
+after = 0.001536
+agent = 0.001536
+allocated = 0.001536
+allocatedport = 0.001536
+allocating = 0.001536
+allocation = 0.001536
+apiform = 0.001536
+bbolt = 0.001536
+broker = 0.001536
+but = 0.001536
+canceled = 0.001536
+client = 0.001536
+cmp = 0.001536
+collector = 0.001536
+conf = 0.001536
+config = 0.001536
+connecting = 0.001536
+connection = 0.001536
+context = 0.001536
+control = 0.001536
+creating = 0.001536
+data = 0.001536
+database = 0.001536
+datastore = 0.001536
+defined = 0.001536
+directory = 0.001536
+discover = 0.001536
+discovery = 0.001536
+down = 0.001536
+durationms = 0.001536
+dynamic = 0.001536
+edge = 0.001536
+error = 0.001536
+everything = 0.001536
+existing = 0.001536
+exists = 0.001536
+exit = 0.001536
+expectedports = 0.001536
+false = 0.001536
+file = 0.001536
+find = 0.001536
+fips = 0.001536
+for = 0.001536
+found = 0.001536
+from = 0.001536
+get = 0.001536
+getting = 0.001536
+graceful = 0.001536
+grpc = 0.001536
+handle = 0.001536
+handled = 0.001536
+handling = 0.001536
+hits = 0.001536
+hostname = 0.001536
+http = 0.001536
+https = 0.001536
+httpv = 0.001536
+identity = 0.001536
+ignored = 0.001536
+incoming = 0.001536
+info = 0.001536
+initialization = 0.001536
+inserting = 0.001536
+instance = 0.001536
+instead = 0.001536
+ipc = 0.001536
+json = 0.001536
+key = 0.001536
+level = 0.001536
+location = 0.001536
+log = 0.001536
+logger = 0.001536
+logging = 0.001536
+logs = 0.001536
+look = 0.001536
+looking = 0.001536
+manager = 0.001536
+matching = 0.001536
+message = 0.001536
+method = 0.001536
+metrics = 0.001536
+middleware = 0.001536
+mode = 0.001536
+nanny = 0.001536
+new = 0.001536
+not = 0.001536
+number = 0.001536
+obtaining = 0.001536
+opamp = 0.001536
+opened = 0.001536
+opening = 0.001536
+operation = 0.001536
+opt = 0.001536
+orchestrator = 0.001536
+output = 0.001536
+own = 0.001536
+packages = 0.001536
+persistent = 0.001536
+plane = 0.001536
+plugin = 0.001536
+port = 0.001536
+portconfigured = 0.001536
+ports = 0.001536
+postgres = 0.001536
+pre = 0.001536
+primary = 0.001536
+processor = 0.001536
+properties = 0.001536
+protocol = 0.001536
+record = 0.001536
+register = 0.001536
+registration = 0.001536
+registry = 0.001536
+replica = 0.001536
+request = 0.001536
+rest = 0.001536
+retrieve = 0.001536
+retrieving = 0.001536
+sending = 0.001536
+server = 0.001536
+service = 0.001536
+serviceinfo = 0.001536
+servicename = 0.001536
+services = 0.001536
+set = 0.001536
+setting = 0.001536
+shutdown = 0.001536
+shutting = 0.001536
+sidecar = 0.001536
+sidecarname = 0.001536
+sidecarprocessname = 0.001536
+signal = 0.001536
+singleton = 0.001536
+spotlight = 0.001536
+stanza = 0.001536
+stanzaname = 0.001536
+start = 0.001536
+starting = 0.001536
+starts = 0.001536
+successfully = 0.001536
+svc = 0.001536
+tcp = 0.001536
+telemetry = 0.001536
+teleportplugin = 0.001536
+time = 0.001536
+traefik = 0.001536
+transport = 0.001536
+update = 0.001536
+uri = 0.001536
+url = 0.001536
+using = 0.001536
+value = 0.001536
+var = 0.001536
+warn = 0.001536
+websocket = 0.001536
+without = 0.001536
+
+[/opt/splunk/var/log/splunk/sup-pkg-ipc_broker-stdout.log_Sat_Oct_25_21:52:23_2025_744375384]
+L-{\\"\\":\\"\\",\\"\\": = 0.743976
+_source = /opt/splunk/var/log/splunk/sup-pkg-ipc_broker-stdout.log
+_sourcetype = sup-pkg-ipc_broker-stdout-2
+able = 0.003012
+address = 0.003012
+allocated = 0.003012
+allocatedport = 0.003012
+allocating = 0.003012
+allocation = 0.003012
+bbolt = 0.003012
+broker = 0.003012
+client = 0.003012
+cmp = 0.003012
+conf = 0.003012
+config = 0.003012
+control = 0.003012
+database = 0.003012
+datastore = 0.003012
+defined = 0.003012
+discovery = 0.003012
+durationms = 0.003012
+dynamic = 0.003012
+error = 0.003012
+existing = 0.003012
+expectedports = 0.003012
+file = 0.003012
+for = 0.003012
+found = 0.003012
+get = 0.003012
+getting = 0.003012
+handle = 0.003012
+handled = 0.003012
+hostname = 0.003012
+http = 0.003012
+https = 0.003012
+info = 0.003012
+inserting = 0.003012
+instead = 0.003012
+ipc = 0.003012
+json = 0.003012
+key = 0.003012
+level = 0.003012
+location = 0.003012
+matching = 0.003012
+message = 0.003012
+method = 0.003012
+mode = 0.003012
+nanny = 0.003012
+new = 0.003012
+not = 0.003012
+opamp = 0.003012
+operation = 0.003012
+orchestrator = 0.003012
+output = 0.003012
+plane = 0.003012
+port = 0.003012
+portconfigured = 0.003012
+ports = 0.003012
+postgres = 0.003012
+pre = 0.003012
+primary = 0.003012
+properties = 0.003012
+record = 0.003012
+registration = 0.003012
+registry = 0.003012
+replica = 0.003012
+request = 0.003012
+rest = 0.003012
+retrieve = 0.003012
+sending = 0.003012
+server = 0.003012
+service = 0.003012
+servicename = 0.003012
+services = 0.003012
+sidecar = 0.003012
+sidecarname = 0.003012
+stanza = 0.003012
+starts = 0.003012
+successfully = 0.003012
+svc = 0.003012
+time = 0.003012
+traefik = 0.003012
+update = 0.003012
+uri = 0.003012
+using = 0.003012
+value = 0.003012
+warn = 0.003012
+websocket = 0.003012
+
+[/opt/splunk/var/log/splunk/sup-pkg-cmp-orchestrator.log_Sat_Oct_25_21:52:26_2025_1149856673]
+L-../-/-//.( = 0.066700
+L-../-/-///. = 0.107823
+L-../-/-//// = 0.112839
+L-..//--//.. = 0.034102
+L-//_::_:___ = 0.042126
+L-//_::_L7(--: = 0.052658
+L-//_::_L7(L7)__ = 0.057673
+L-//_::__... = 0.019559
+L-//_::__\\":/ = 0.088766
+L-//_::____ = 0.025075
+L-//_::____. = 0.042628
+L-//_::_____ = 0.035105
+L-:___L7(::L7):: = 0.027583
+L-__..//--// = 0.043129
+L-__L7(L7): = 0.011535
+L-t//-/-///. = 0.041123
+L-t//-/-//// = 0.043631
+L-t////..//- = 0.048646
+_source = /opt/splunk/var/log/splunk/sup-pkg-cmp-orchestrator.log
+_sourcetype = sup-pkg-cmp-orchestrator-4
+
+[/opt/splunk/var/log/splunk/sup-pkg-cmp-orchestrator.log_Sat_Oct_25_21:52:26_2025_1126259121]
+L-../-/-//.( = 0.081495
+L-../-/-///. = 0.131740
+L-../-/-//// = 0.132966
+L-..//--//.. = 0.041667
+L-//_::_L7(--: = 0.064338
+L-//_::_L7(L7)__ = 0.063113
+L-//_::__\\":/ = 0.109069
+L-//_::_____ = 0.042892
+L-:___L7(::L7):: = 0.033701
+L-__..//--// = 0.052696
+L-__L7(L7): = 0.014093
+L-t//-/-///. = 0.050245
+L-t//-/-//// = 0.052696
+L-t////..//- = 0.059436
+_source = /opt/splunk/var/log/splunk/sup-pkg-cmp-orchestrator.log
+_sourcetype = sup-pkg-cmp-orchestrator-4
+
+[/opt/splunk/var/log/splunk/sup-pkg-cmp-orchestrator.log_Sat_Oct_25_21:52:26_2025_301222986]
+L-../-/-//.( = 0.070111
+L-../-/-///. = 0.113337
+L-../-/-//// = 0.114391
+L-..//--//.. = 0.035846
+L-//_::_L7(--: = 0.055351
+L-//_::_L7(L7)__ = 0.060622
+L-//_::__\\":/ = 0.237744
+L-//_::_____ = 0.036900
+L-:___L7(::L7):: = 0.028993
+L-__..//--// = 0.045335
+L-__L7(L7): = 0.012652
+L-t//-/-///. = 0.043226
+L-t//-/-//// = 0.045335
+L-t////..//- = 0.051133
+_source = /opt/splunk/var/log/splunk/sup-pkg-cmp-orchestrator.log
+_sourcetype = sup-pkg-cmp-orchestrator-4
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Sat_Oct_25_21:52:28_2025_2138462857]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-4
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-edge-processor-config.log_Sat_Oct_25_21:52:32_2025_2077109299]
+L-:__L7(---L7),_ = 0.418750
+L-:___:_L7(_/. = 0.056250
+L-:___L7(.L7)___ = 0.145833
+L-:___L7(L7) = 0.032292
+L-:___L7(\\"---\\" = 0.061458
+L-:____ = 0.058333
+L-:____'' = 0.065625
+L-_,__::__.. = 0.080208
+_source = /opt/splunk/var/log/splunk/sup-pkg-edge-processor-config.log
+_sourcetype = sup-pkg-edge-processor-config-4
+abstractendpoint = 0.001042
+abstractprotocol = 0.001042
+added = 0.001042
+alias = 0.001042
+and = 0.001042
+apache = 0.001042
+applicationcontext = 0.001042
+certificate = 0.001042
+chain = 0.001042
+check = 0.001042
+config = 0.001042
+configured = 0.001042
+connector = 0.001042
+core = 0.001042
+coyote = 0.001042
+crt = 0.001042
+data = 0.001042
+default = 0.001042
+dispatcherservlet = 0.001042
+edge = 0.001042
+embedded = 0.001042
+engine = 0.001042
+from = 0.001042
+home = 0.001042
+host = 0.001042
+https = 0.001042
+info = 0.001042
+init = 0.001042
+initializing = 0.001042
+jsse = 0.001042
+key = 0.001042
+keystore = 0.001042
+list = 0.001042
+log = 0.001042
+logcertificate = 0.001042
+missing = 0.001042
+named = 0.001042
+net = 0.001042
+nio = 0.001042
+null = 0.001042
+opt = 0.001042
+org = 0.001042
+packages = 0.001042
+plane = 0.001042
+prefix = 0.001042
+private = 0.001042
+processor = 0.001042
+protocol = 0.001042
+protocolhandler = 0.001042
+protocols = 0.001042
+server = 0.001042
+service = 0.001042
+servlet = 0.001042
+setprotocols = 0.001042
+spring = 0.001042
+sslhostconfig = 0.001042
+standardengine = 0.001042
+standardservice = 0.001042
+start = 0.001042
+starting = 0.001042
+startinternal = 0.001042
+stopinternal = 0.001042
+stopping = 0.001042
+store = 0.001042
+the = 0.001042
+tls = 0.001042
+tlsv = 0.001042
+tomcat = 0.001042
+trust = 0.001042
+type = 0.001042
+undefined = 0.001042
+using = 0.001042
+util = 0.001042
+var = 0.001042
+virtual = 0.001042
+warning = 0.001042
+was = 0.001042
+with = 0.001042
+
+[/opt/splunk/var/log/splunk/sup-pkg-opamp-svc.log_Sat_Oct_25_21:52:32_2025_1477975140]
+L-//_::_:___ = 0.215152
+L-//_::__:__ = 0.451515
+L-//_::____. = 0.245455
+_source = /opt/splunk/var/log/splunk/sup-pkg-opamp-svc.log
+_sourcetype = sup-pkg-opamp-svc-3
+add = 0.003030
+agents = 0.003030
+and = 0.003030
+client = 0.003030
+columns = 0.003030
+config = 0.003030
+connection = 0.003030
+create = 0.003030
+database = 0.003030
+establish = 0.003030
+exceeded = 0.003030
+exit = 0.003030
+failed = 0.003030
+for = 0.003030
+goose = 0.003030
+heartbeat = 0.003030
+initialize = 0.003030
+max = 0.003030
+migrated = 0.003030
+migrations = 0.003030
+package = 0.003030
+packages = 0.003030
+plan = 0.003030
+retries = 0.003030
+sql = 0.003030
+successfully = 0.003030
+table = 0.003030
+version = 0.003030
+workload = 0.003030
+
+[/opt/splunk/var/log/splunk/sup-pkg-spotlight-collector.log_Mon_Oct_27_21:28:40_2025_805851720]
+L---::.+tt/. = 0.646655
+L---::.+tt@. = 0.159520
+L-//_::__... = 0.066895
+_source = /opt/splunk/var/log/splunk/sup-pkg-spotlight-collector.log
+_sourcetype = sup-pkg-spotlight-collector-3
+added = 0.001715
+agent = 0.001715
+and = 0.001715
+begin = 0.001715
+broker = 0.001715
+builders = 0.001715
+cmp = 0.001715
+collector = 0.001715
+component = 0.001715
+config = 0.001715
+data = 0.001715
+discovery = 0.001715
+edge = 0.001715
+endpoint = 0.001715
+everything = 0.001715
+exporter = 0.001715
+extensions = 0.001715
+failed = 0.001715
+file = 0.001715
+from = 0.001715
+grpc = 0.001715
+identity = 0.001715
+info = 0.001715
+instance = 0.001715
+internal = 0.001715
+ipc = 0.001715
+job = 0.001715
+jobname = 0.001715
+kind = 0.001715
+labels = 0.001715
+level = 0.001715
+localhost = 0.001715
+manager = 0.001715
+metrics = 0.001715
+name = 0.001715
+numcpu = 0.001715
+opamp = 0.001715
+orchestrator = 0.001715
+otel = 0.001715
+otelcol = 0.001715
+otlp = 0.001715
+otlpreceiver = 0.001715
+own = 0.001715
+package = 0.001715
+packages = 0.001715
+postgres = 0.001715
+processing = 0.001715
+processor = 0.001715
+prometheus = 0.001715
+prometheusreceiver = 0.001715
+ready = 0.001715
+received = 0.001715
+receiver = 0.001715
+running = 0.001715
+scrape = 0.001715
+server = 0.001715
+service = 0.001715
+setting = 0.001715
+signal = 0.001715
+spotlight = 0.001715
+stability = 0.001715
+starting = 0.001715
+stopping = 0.001715
+supervisor = 0.001715
+svc = 0.001715
+target = 0.001715
+targetallocator = 0.001715
+telemetry = 0.001715
+terminated = 0.001715
+timestamp = 0.001715
+transaction = 0.001715
+undefined = 0.001715
+version = 0.001715
+warn = 0.001715
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Mon_Oct_27_21:28:48_2025_2088265189]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-5
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-opamp-svc.log_Mon_Oct_27_21:28:53_2025_1008367970]
+L-//_::_:___ = 0.191892
+L-//_::__... = 0.105405
+L-//_::__:__ = 0.402703
+L-//_::____. = 0.218919
+_source = /opt/splunk/var/log/splunk/sup-pkg-opamp-svc.log
+_sourcetype = sup-pkg-opamp-svc-4
+add = 0.002703
+agents = 0.002703
+and = 0.002703
+client = 0.002703
+columns = 0.002703
+config = 0.002703
+connection = 0.002703
+create = 0.002703
+database = 0.002703
+establish = 0.002703
+exceeded = 0.002703
+exit = 0.002703
+failed = 0.002703
+for = 0.002703
+goose = 0.002703
+heartbeat = 0.002703
+initialize = 0.002703
+max = 0.002703
+migrated = 0.002703
+migrations = 0.002703
+package = 0.002703
+packages = 0.002703
+plan = 0.002703
+retries = 0.002703
+sql = 0.002703
+stopping = 0.002703
+successfully = 0.002703
+table = 0.002703
+version = 0.002703
+workload = 0.002703
+
+[/opt/splunk/var/log/splunk/sup-pkg-opamp-svc.log_Mon_Oct_27_21:28:53_2025_1828069850]
+L-//_::__:__ = 0.919753
+_source = /opt/splunk/var/log/splunk/sup-pkg-opamp-svc.log
+_sourcetype = sup-pkg-opamp-svc-4
+client = 0.006173
+connection = 0.006173
+database = 0.006173
+establish = 0.006173
+exceeded = 0.006173
+exit = 0.006173
+failed = 0.006173
+for = 0.006173
+initialize = 0.006173
+max = 0.006173
+migrations = 0.006173
+retries = 0.006173
+workload = 0.006173
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Tue_Oct_28_22:16:20_2025_785113672]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-6
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Tue_Nov__4_06:55:06_2025_747683535]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-7
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Mon_Nov_10_18:17:31_2025_1113963345]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-8
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Mon_Nov_10_18:28:15_2025_370385142]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-9
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Mon_Nov_10_18:44:34_2025_862507575]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-10
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Mon_Nov_10_19:23:06_2025_636692360]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-11
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Mon_Nov_10_22:10:39_2025_1498328013]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-12
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/upgrader_package_delivery.log_Tue_Nov_11_17:21:47_2025_915346237]
+L----::_____ = 0.892857
+_source = /opt/splunk/var/log/splunk/upgrader_package_delivery.log
+_sourcetype = upgrader_package_delivery-2
+any = 0.005952
+app = 0.005952
+apps = 0.005952
+are = 0.005952
+available = 0.005952
+bin = 0.005952
+canceling = 0.005952
+checking = 0.005952
+delivery = 0.005952
+etc = 0.005952
+forwarder = 0.005952
+linux = 0.005952
+local = 0.005952
+opt = 0.005952
+package = 0.005952
+packages = 0.005952
+remote = 0.005952
+upgrade = 0.005952
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Tue_Nov_11_18:13:35_2025_1502835522]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-13
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/splunk_instrumentation.log_Tue_Nov_11_18:13:40_2025_1457943198]
+L---_::,__L7(. = 0.497110
+L---_::,__L7(: = 0.372832
+_source = /opt/splunk/var/log/splunk/splunk_instrumentation.log
+_sourcetype = splunk_instrumentation-2
+action = 0.002890
+addon = 0.002890
+admin = 0.002890
+application = 0.002890
+apps = 0.002890
+bin = 0.002890
+btool = 0.002890
+cherrypy = 0.002890
+conf = 0.002890
+cpu = 0.002890
+default = 0.002890
+deployment = 0.002890
+endpoint = 0.002890
+error = 0.002890
+etc = 0.002890
+filemods = 0.002890
+fileuploade = 0.002890
+for = 0.002890
+found = 0.002890
+hinting = 0.002890
+indexcreation = 0.002890
+indexes = 0.002890
+info = 0.002890
+init = 0.002890
+inputs = 0.002890
+item = 0.002890
+itsi = 0.002890
+list = 0.002890
+metric = 0.002890
+metricator = 0.002890
+nix = 0.002890
+nmon = 0.002890
+param = 0.002890
+pipeline = 0.002890
+pipelines = 0.002890
+read = 0.002890
+reason = 0.002890
+search = 0.002890
+spec = 0.002890
+status = 0.002890
+support = 0.002890
+tar = 0.002890
+the = 0.002890
+transforms = 0.002890
+user = 0.002890
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Wed_Nov_26_23:19:26_2025_1920503782]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-14
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Thu_Nov_27_23:20:10_2025_51752181]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-15
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Fri_Nov_28_17:21:49_2025_321352134]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-16
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Fri_Nov_28_20:52:24_2025_755947375]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-17
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Fri_Nov_28_23:52:59_2025_1192264977]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-18
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Sat_Nov_29_00:29:54_2025_407609197]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-19
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Sun_Nov_30_23:00:55_2025_942386994]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-20
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Sun_Nov_30_23:45:51_2025_1404419310]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-21
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Mon_Dec__1_00:09:39_2025_1068328262]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-22
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Mon_Dec__1_13:47:47_2025_384899471]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-23
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Mon_Dec__1_14:27:43_2025_919905266]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-24
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Mon_Dec__1_15:30:23_2025_1334049448]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-25
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Mon_Dec__1_20:05:19_2025_1617536899]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-26
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Mon_Dec__1_21:59:00_2025_541137574]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-27
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Tue_Dec__2_22:06:15_2025_563846931]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-28
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-spotlight-collector.log_Wed_Dec__3_21:38:57_2025_913226333]
+L---::.+tt/. = 0.517595
+L---::.+tt@. = 0.315249
+L-//_::__... = 0.057185
+_source = /opt/splunk/var/log/splunk/sup-pkg-spotlight-collector.log
+_sourcetype = sup-pkg-spotlight-collector-4
+added = 0.001466
+agent = 0.001466
+and = 0.001466
+begin = 0.001466
+broker = 0.001466
+builders = 0.001466
+cmp = 0.001466
+collector = 0.001466
+component = 0.001466
+config = 0.001466
+data = 0.001466
+discovery = 0.001466
+edge = 0.001466
+endpoint = 0.001466
+everything = 0.001466
+exporter = 0.001466
+extensions = 0.001466
+failed = 0.001466
+file = 0.001466
+from = 0.001466
+grpc = 0.001466
+identity = 0.001466
+info = 0.001466
+instance = 0.001466
+internal = 0.001466
+ipc = 0.001466
+job = 0.001466
+jobname = 0.001466
+kind = 0.001466
+labels = 0.001466
+level = 0.001466
+localhost = 0.001466
+manager = 0.001466
+metrics = 0.001466
+name = 0.001466
+numcpu = 0.001466
+opamp = 0.001466
+orchestrator = 0.001466
+otel = 0.001466
+otelcol = 0.001466
+otlp = 0.001466
+otlpreceiver = 0.001466
+own = 0.001466
+package = 0.001466
+packages = 0.001466
+postgres = 0.001466
+processing = 0.001466
+processor = 0.001466
+prometheus = 0.001466
+prometheusreceiver = 0.001466
+ready = 0.001466
+received = 0.001466
+receiver = 0.001466
+running = 0.001466
+scrape = 0.001466
+server = 0.001466
+service = 0.001466
+setting = 0.001466
+shutdown = 0.001466
+signal = 0.001466
+spotlight = 0.001466
+stability = 0.001466
+starting = 0.001466
+stopping = 0.001466
+supervisor = 0.001466
+svc = 0.001466
+target = 0.001466
+targetallocator = 0.001466
+telemetry = 0.001466
+terminated = 0.001466
+timestamp = 0.001466
+transaction = 0.001466
+undefined = 0.001466
+version = 0.001466
+warn = 0.001466
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Wed_Dec__3_21:52:50_2025_347641891]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-29
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Wed_Dec__3_22:21:23_2025_1351108706]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-30
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Wed_Dec__3_22:32:08_2025_1367664015]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-31
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/sup-pkg-postgres.log_Wed_Dec__3_22:59:15_2025_513446126]
+L-//_::_L7(L7)__ = 0.823529
+_source = /opt/splunk/var/log/splunk/sup-pkg-postgres.log
+_sourcetype = sup-pkg-postgres-32
+admin = 0.008403
+clustered = 0.008403
+debug = 0.008403
+disabled = 0.008403
+enable = 0.008403
+get = 0.008403
+https = 0.008403
+json = 0.008403
+kvstore = 0.008403
+mode = 0.008403
+nobody = 0.008403
+output = 0.008403
+passwords = 0.008403
+post = 0.008403
+postgres = 0.008403
+properties = 0.008403
+server = 0.008403
+services = 0.008403
+servicesns = 0.008403
+storage = 0.008403
+system = 0.008403
+
+[/opt/splunk/var/log/splunk/gt_icon_collection.log_Sun_Dec__7_17:39:25_2025_177930135]
+L---_::,____ = 0.660550
+_source = /opt/splunk/var/log/splunk/gt_icon_collection.log
+_sourcetype = gt_icon_collection-2
+apps = 0.009174
+bin = 0.009174
+collection = 0.009174
+connecting = 0.009174
+daemon = 0.009174
+error = 0.009174
+etc = 0.009174
+glass = 0.009174
+has = 0.009174
+home = 0.009174
+https = 0.009174
+icon = 0.009174
+icons = 0.009174
+import = 0.009174
+importer = 0.009174
+info = 0.009174
+input = 0.009174
+instance = 0.009174
+itoa = 0.009174
+modular = 0.009174
+mysplunk = 0.009174
+not = 0.009174
+operation = 0.009174
+out = 0.009174
+read = 0.009174
+reloaded = 0.009174
+responding = 0.009174
+restartless = 0.009174
+running = 0.009174
+script = 0.009174
+services = 0.009174
+splunkd = 0.009174
+started = 0.009174
+table = 0.009174
+the = 0.009174
+timed = 0.009174
+upgrade = 0.009174
+
+[/opt/splunk/var/log/splunk/splunk_secure_gateway_modular_input.log.1_Sun_Dec__7_17:40:53_2025_1940995090]
+L---_::,__L7(. = 0.893186
+_source = /opt/splunk/var/log/splunk/splunk_secure_gateway_modular_input.log.1
+_sourcetype = splunk_secure_gateway_modular_input.log
+admin = 0.001842
+age = 0.001842
+alert = 0.001842
+alerts = 0.001842
+app = 0.001842
+authorization = 0.001842
+cache = 0.001842
+clean = 0.001842
+close = 0.001842
+collection = 0.001842
+connection = 0.001842
+control = 0.001842
+date = 0.001842
+days = 0.001842
+decideonstartup = 0.001842
+default = 0.001842
+delete = 0.001842
+deleted = 0.001842
+devices = 0.001842
+disabled = 0.001842
+entries = 0.001842
+expires = 0.001842
+for = 0.001842
+frame = 0.001842
+from = 0.001842
+gateway = 0.001842
+host = 0.001842
+index = 0.001842
+info = 0.001842
+init = 0.001842
+input = 0.001842
+interval = 0.001842
+invalid = 0.001842
+max = 0.001842
+mobile = 0.001842
+modular = 0.001842
+must = 0.001842
+options = 0.001842
+python = 0.001842
+recipient = 0.001842
+resources = 0.001842
+response = 0.001842
+revalidate = 0.001842
+run = 0.001842
+running = 0.001842
+sameorigin = 0.001842
+secure = 0.001842
+server = 0.001842
+splunkd = 0.001842
+ssg = 0.001842
+status = 0.001842
+store = 0.001842
+successfully = 0.001842
+ttl = 0.001842
+utility = 0.001842
+vary = 0.001842
+version = 0.001842
+with = 0.001842
+
+[/opt/splunk/var/log/splunk/splunk_secure_gateway_modular_input.log.1_Sun_Dec__7_17:40:54_2025_515013359]
+L---_::,__L7(. = 0.135007
+L-.:_____:_( = 0.160787
+L-:_L7(_L7)__ = 0.036635
+L-_(___): = 0.023066
+L-___\\"////./ = 0.067843
+L-___\\"////// = 0.093623
+L-____(,_)_EQ = 0.058345
+L-____,__EQ_. = 0.060380
+L-____.((.,_ = 0.027137
+L-____.() = 0.012212
+L-_____ = 0.013569
+L-_____,___: = 0.045455
+L-_____.( = 0.020353
+L-_____.('__ = 0.061058
+L-_____EQ_.() = 0.039349
+L-_____EQ_.(EQ = 0.054274
+_source = /opt/splunk/var/log/splunk/splunk_secure_gateway_modular_input.log.1
+_sourcetype = splunk_secure_gateway_modular_input.log
+
+[/opt/splunk/var/log/splunk/splunk_secure_gateway_modular_input.log.1_Sun_Dec__7_17:40:54_2025_213707839]
+L---_::,__L7(. = 0.258856
+L-.:_____ = 0.023978
+L-.:_____:_( = 0.128610
+L-_(___): = 0.018529
+L-___\\"////./ = 0.054496
+L-___\\"////// = 0.075749
+L-____(,_)_EQ = 0.046866
+L-____,_,__EQ = 0.026703
+L-____,__EQ_. = 0.048501
+L-____.() = 0.010899
+L-_____,___: = 0.036512
+L-_____.( = 0.016349
+L-_____.('__ = 0.049046
+L-_____.(,_) = 0.019619
+L-_____..() = 0.018529
+L-_____..(,_ = 0.022343
+L-_____EQ_(.. = 0.032698
+L-_____EQ_.() = 0.031608
+_source = /opt/splunk/var/log/splunk/splunk_secure_gateway_modular_input.log.1
+_sourcetype = splunk_secure_gateway_modular_input.log
+
+[/opt/splunk/var/log/splunk/itsi_custom_threshold_window_overlaps_detector.log_Thu_Jan_15_20:40:02_2026_2061099872]
+L---_::,+_:_ = 0.564159
+_source = /opt/splunk/var/log/splunk/itsi_custom_threshold_window_overlaps_detector.log
+_sourcetype = itsi_custom_threshold_window_overlaps_detector
+aad = 0.002212
+aaf = 0.002212
+abab = 0.002212
+abb = 0.002212
+abd = 0.002212
+abf = 0.002212
+acb = 0.002212
+acc = 0.002212
+acd = 0.002212
+acdadd = 0.002212
+ace = 0.002212
+aceb = 0.002212
+adadf = 0.002212
+add = 0.002212
+adf = 0.002212
+aebe = 0.002212
+aec = 0.002212
+aedecd = 0.002212
+afa = 0.002212
+afb = 0.002212
+afcb = 0.002212
+all = 0.002212
+and = 0.002212
+assuming = 0.002212
+babcef = 0.002212
+bae = 0.002212
+baf = 0.002212
+batch = 0.002212
+bbbcee = 0.002212
+bbd = 0.002212
+bbe = 0.002212
+bccf = 0.002212
+bcf = 0.002212
+bcfc = 0.002212
+bdc = 0.002212
+bdf = 0.002212
+bdfd = 0.002212
+bea = 0.002212
+bec = 0.002212
+bfa = 0.002212
+bfb = 0.002212
+bfcbe = 0.002212
+bulk = 0.002212
+cabea = 0.002212
+cad = 0.002212
+cbdf = 0.002212
+cbfaabe = 0.002212
+cbfcd = 0.002212
+cbff = 0.002212
+cca = 0.002212
+ccab = 0.002212
+ccba = 0.002212
+ccbbdd = 0.002212
+ccc = 0.002212
+cdb = 0.002212
+cdc = 0.002212
+cdd = 0.002212
+cde = 0.002212
+cea = 0.002212
+cead = 0.002212
+ceb = 0.002212
+cec = 0.002212
+cece = 0.002212
+ced = 0.002212
+cee = 0.002212
+cef = 0.002212
+cfa = 0.002212
+cfc = 0.002212
+cff = 0.002212
+change = 0.002212
+collections = 0.002212
+completed = 0.002212
+count = 0.002212
+ctw = 0.002212
+custom = 0.002212
+daa = 0.002212
+dad = 0.002212
+dadbfc = 0.002212
+dafb = 0.002212
+data = 0.002212
+dbb = 0.002212
+dbe = 0.002212
+dbeeb = 0.002212
+dca = 0.002212
+dcb = 0.002212
+dcbda = 0.002212
+ddb = 0.002212
+ddbfea = 0.002212
+ddcd = 0.002212
+dde = 0.002212
+ddf = 0.002212
+decc = 0.002212
+dece = 0.002212
+deeaaeb = 0.002212
+detector = 0.002212
+dfb = 0.002212
+dfc = 0.002212
+dfd = 0.002212
+dir = 0.002212
+eaa = 0.002212
+eac = 0.002212
+eaf = 0.002212
+ebb = 0.002212
+ebbfb = 0.002212
+ebf = 0.002212
+ecba = 0.002212
+ecbd = 0.002212
+ecc = 0.002212
+eccac = 0.002212
+ece = 0.002212
+ecf = 0.002212
+ecfefe = 0.002212
+ede = 0.002212
+edf = 0.002212
+eea = 0.002212
+eeb = 0.002212
+eee = 0.002212
+efd = 0.002212
+eff = 0.002212
+end = 0.002212
+endpoint = 0.002212
+error = 0.002212
+exception = 0.002212
+fab = 0.002212
+fabe = 0.002212
+fac = 0.002212
+facf = 0.002212
+fafd = 0.002212
+fbd = 0.002212
+fbe = 0.002212
+fcad = 0.002212
+fcb = 0.002212
+fccb = 0.002212
+fdbdaffbd = 0.002212
+fdc = 0.002212
+fece = 0.002212
+fed = 0.002212
+fef = 0.002212
+fetched = 0.002212
+ffb = 0.002212
+ffd = 0.002212
+ffe = 0.002212
+filter = 0.002212
+find = 0.002212
+finished = 0.002212
+for = 0.002212
+get = 0.002212
+info = 0.002212
+invoked = 0.002212
+itoa = 0.002212
+itsi = 0.002212
+key = 0.002212
+kpi = 0.002212
+limit = 0.002212
+mainthread = 0.002212
+map = 0.002212
+method = 0.002212
+metric = 0.002212
+nobody = 0.002212
+none = 0.002212
+numberofobjects = 0.002212
+object = 0.002212
+objecttype = 0.002212
+overlapping = 0.002212
+overlaps = 0.002212
+owner = 0.002212
+populate = 0.002212
+populating = 0.002212
+post = 0.002212
+process = 0.002212
+raising = 0.002212
+request = 0.002212
+responseformat = 0.002212
+retries = 0.002212
+retrying = 0.002212
+servicesns = 0.002212
+skip = 0.002212
+sort = 0.002212
+source = 0.002212
+start = 0.002212
+starting = 0.002212
+statestore = 0.002212
+status = 0.002212
+storage = 0.002212
+store = 0.002212
+thread = 0.002212
+threshold = 0.002212
+tid = 0.002212
+time = 0.002212
+tracking = 0.002212
+transaction = 0.002212
+update = 0.002212
+user = 0.002212
+via = 0.002212
+warning = 0.002212
+window = 0.002212
+windows = 0.002212
+
+[/opt/splunk/var/log/splunk/itsi_content_pack_authorship.log_Thu_Jan_15_20:40:03_2026_2142501265]
+L---_::,+_:_ = 0.791246
+L-:_ = 0.047138
+_source = /opt/splunk/var/log/splunk/itsi_content_pack_authorship.log
+_sourcetype = itsi_content_pack_authorship
+authorship = 0.003367
+caused = 0.003367
+collection = 0.003367
+common = 0.003367
+connection = 0.003367
+content = 0.003367
+errno = 0.003367
+error = 0.003367
+establish = 0.003367
+exceeded = 0.003367
+exception = 0.003367
+failed = 0.003367
+function = 0.003367
+generating = 0.003367
+get = 0.003367
+host = 0.003367
+httpsconnection = 0.003367
+httpsconnectionpool = 0.003367
+info = 0.003367
+init = 0.003367
+itoa = 0.003367
+itsi = 0.003367
+kvstore = 0.003367
+mainthread = 0.003367
+max = 0.003367
+member = 0.003367
+new = 0.003367
+newconnectionerror = 0.003367
+none = 0.003367
+nonetype = 0.003367
+object = 0.003367
+occurred = 0.003367
+operation = 0.003367
+pack = 0.003367
+port = 0.003367
+process = 0.003367
+refused = 0.003367
+retries = 0.003367
+retrieve = 0.003367
+retry = 0.003367
+server = 0.003367
+services = 0.003367
+shc = 0.003367
+status = 0.003367
+thread = 0.003367
+url = 0.003367
+urllib = 0.003367
+with = 0.003367
+
+[/opt/splunk/var/log/splunk/itsi_content_packs_itsimodels.log_Thu_Jan_15_20:40:04_2026_107506064]
+L---_::,_:_: = 0.698347
+_source = /opt/splunk/var/log/splunk/itsi_content_packs_itsimodels.log
+_sourcetype = itsi_content_packs_itsimodels
+activity = 0.004132
+alerts = 0.004132
+atlas = 0.004132
+compute = 0.004132
+count = 0.004132
+cpu = 0.004132
+disk = 0.004132
+drops = 0.004132
+error = 0.004132
+errors = 0.004132
+events = 0.004132
+free = 0.004132
+health = 0.004132
+info = 0.004132
+init = 0.004132
+ints = 0.004132
+iops = 0.004132
+itsi = 0.004132
+itsimodels = 0.004132
+key = 0.004132
+kpi = 0.004132
+latency = 0.004132
+linux = 0.004132
+load = 0.004132
+log = 0.004132
+logins = 0.004132
+loss = 0.004132
+mainthread = 0.004132
+mem = 0.004132
+memory = 0.004132
+net = 0.004132
+network = 0.004132
+nix = 0.004132
+operating = 0.004132
+ops = 0.004132
+packet = 0.004132
+pct = 0.004132
+proc = 0.004132
+process = 0.004132
+processes = 0.004132
+processing = 0.004132
+rates = 0.004132
+read = 0.004132
+response = 0.004132
+restarts = 0.004132
+sec = 0.004132
+service = 0.004132
+services = 0.004132
+shkpi = 0.004132
+storage = 0.004132
+svc = 0.004132
+swap = 0.004132
+sysmoncpu = 0.004132
+sysmondisk = 0.004132
+sysmonlogs = 0.004132
+sysmonmemory = 0.004132
+sysmonnetwork = 0.004132
+sysmonprocesses = 0.004132
+sysmonsecurity = 0.004132
+sysmonservices = 0.004132
+sysmonsystemhealth = 0.004132
+system = 0.004132
+thread = 0.004132
+throughput = 0.004132
+traffic = 0.004132
+unique = 0.004132
+unknown = 0.004132
+usage = 0.004132
+user = 0.004132
+warnings = 0.004132
+with = 0.004132
+write = 0.004132
+zombies = 0.004132
+
+[/opt/splunk/var/log/splunk/itsi_csv_import.log_Thu_Jan_15_20:40:04_2026_1110876676]
+L---_::,+_:_ = 0.866337
+_source = /opt/splunk/var/log/splunk/itsi_csv_import.log
+_sourcetype = itsi_csv_import
+are = 0.004950
+bulk = 0.004950
+but = 0.004950
+csv = 0.004950
+entity = 0.004950
+error = 0.004950
+events = 0.004950
+import = 0.004950
+init = 0.004950
+itoa = 0.004950
+itsi = 0.004950
+mainthread = 0.004950
+not = 0.004950
+parser = 0.004950
+present = 0.004950
+process = 0.004950
+returns = 0.004950
+rule = 0.004950
+search = 0.004950
+skipped = 0.004950
+source = 0.004950
+specified = 0.004950
+the = 0.004950
+thread = 0.004950
+via = 0.004950
+warning = 0.004950
+will = 0.004950
+
+[/opt/splunk/var/log/splunk/itsi_exported_episode_files_cleaner.log_Thu_Jan_15_20:40:05_2026_60499474]
+L---_::,+_:_ = 0.190118
+L-.:_L7(_L7)____ = 0.153061
+L-.:_____ = 0.023631
+L-.:_____:_( = 0.103115
+L-_(___): = 0.018260
+L-___\\"////./ = 0.035983
+L-___\\"/////- = 0.053706
+L-____(,_)_EQ = 0.046187
+L-____,_,__EQ = 0.026316
+L-____,__EQ_. = 0.047798
+L-____.() = 0.010741
+L-_____,___: = 0.035983
+L-_____.('__ = 0.048335
+L-_____.(,_) = 0.019334
+L-_____.(EQ) = 0.031149
+L-_____..() = 0.018260
+L-_____..(,_ = 0.022019
+L-_____EQ_(.. = 0.032223
+L-_____EQ_.() = 0.017723
+_source = /opt/splunk/var/log/splunk/itsi_exported_episode_files_cleaner.log
+_sourcetype = itsi_exported_episode_files_cleaner
+
+[/opt/splunk/var/log/splunk/itsi_exported_episode_files_cleaner.log_Thu_Jan_15_20:40:06_2026_1425258872]
+L---_::,+_:_ = 0.233818
+L-.:_____ = 0.029062
+L-.:_____:_( = 0.126816
+L-_(___): = 0.022457
+L-___\\"////./ = 0.050198
+L-___\\"/////- = 0.066050
+L-____(,_)_EQ = 0.056803
+L-____,_,__EQ = 0.032365
+L-____,__EQ_. = 0.058785
+L-____.() = 0.013210
+L-_____,___: = 0.044254
+L-_____.('__ = 0.059445
+L-_____.(,_) = 0.023778
+L-_____..() = 0.022457
+L-_____..(,_ = 0.027081
+L-_____EQ_(.. = 0.039630
+L-_____EQ_.() = 0.021797
+_source = /opt/splunk/var/log/splunk/itsi_exported_episode_files_cleaner.log
+_sourcetype = itsi_exported_episode_files_cleaner
+
+[/opt/splunk/var/log/splunk/itsi_exported_episode_files_cleaner.log_Thu_Jan_15_20:40:06_2026_1354750084]
+L---_::,+_:_ = 0.159329
+L-.:_____ = 0.030748
+L-.:_____:_( = 0.134172
+L-_(___): = 0.023760
+L-___\\"////./ = 0.069881
+L-___\\"/////- = 0.069881
+L-____(,_)_EQ = 0.060098
+L-____,_,__EQ = 0.034242
+L-____,__EQ_. = 0.075472
+L-____.() = 0.013976
+L-_____,___: = 0.046820
+L-_____.('__ = 0.062893
+L-_____.(,_) = 0.025157
+L-_____..() = 0.023760
+L-_____..(,_ = 0.028651
+L-_____EQ_(.. = 0.041929
+L-_____EQ_.() = 0.023061
+_source = /opt/splunk/var/log/splunk/itsi_exported_episode_files_cleaner.log
+_sourcetype = itsi_exported_episode_files_cleaner
+
+[/opt/splunk/var/log/splunk/itsi-nats-server.log_Thu_Jan_15_20:40:10_2026_1611474517]
+L-L7(L7)_//_::._ = 0.181009
+_source = /opt/splunk/var/log/splunk/itsi-nats-server.log
+_sourcetype = itsi-nats-server
+abxxum = 0.002967
+acnawrtpi = 0.002967
+adlr = 0.002967
+adzkqij = 0.002967
+ahkqyxk = 0.002967
+akbb = 0.002967
+aodmefjo = 0.002967
+api = 0.002967
+apps = 0.002967
+awpsolmg = 0.002967
+azq = 0.002967
+bcrypt = 0.002967
+bin = 0.002967
+bjfafaqrexl = 0.002967
+bkoz = 0.002967
+bqsmdk = 0.002967
+btcqespshcn = 0.002967
+cdq = 0.002967
+ceaa = 0.002967
+client = 0.002967
+cluster = 0.002967
+cmxhqe = 0.002967
+cneo = 0.002967
+conf = 0.002967
+configuration = 0.002967
+connections = 0.002967
+cvu = 0.002967
+cwzs = 0.002967
+cyi = 0.002967
+data = 0.002967
+ddfkm = 0.002967
+detected = 0.002967
+dfde = 0.002967
+dfihowvirmm = 0.002967
+dgxw = 0.002967
+dhvqum = 0.002967
+directory = 0.002967
+dkqw = 0.002967
+docs = 0.002967
+dsw = 0.002967
+dwd = 0.002967
+dwhyci = 0.002967
+ebbjgtsx = 0.002967
+ehw = 0.002967
+epfgemnptcmqskon = 0.002967
+epmf = 0.002967
+eqlfmsyhxxh = 0.002967
+etc = 0.002967
+exiting = 0.002967
+fcz = 0.002967
+fdiygjoyfby = 0.002967
+fdwzc = 0.002967
+fgmgnh = 0.002967
+fgth = 0.002967
+file = 0.002967
+flt = 0.002967
+fnz = 0.002967
+for = 0.002967
+fqd = 0.002967
+fsqwnjd = 0.002967
+fss = 0.002967
+fyl = 0.002967
+gctofaplu = 0.002967
+gdrn = 0.002967
+gggrvjhl = 0.002967
+git = 0.002967
+gof = 0.002967
+gtusw = 0.002967
+gwzecun = 0.002967
+gysfe = 0.002967
+hagaigcvviajqr = 0.002967
+hgf = 0.002967
+hhrtrsmuwp = 0.002967
+hiqfbc = 0.002967
+hkd = 0.002967
+hnujyfbwi = 0.002967
+hrqwhyx = 0.002967
+http = 0.002967
+https = 0.002967
+hyz = 0.002967
+hzb = 0.002967
+imnb = 0.002967
+indexes = 0.002967
+inf = 0.002967
+initiating = 0.002967
+iowt = 0.002967
+isby = 0.002967
+isin = 0.002967
+isvv = 0.002967
+iti = 0.002967
+itoa = 0.002967
+itsi = 0.002967
+iwyrriuu = 0.002967
+jcv = 0.002967
+jetstream = 0.002967
+jhlyaku = 0.002967
+jko = 0.002967
+jncgaqlwtu = 0.002967
+jub = 0.002967
+jutzgnfbja = 0.002967
+kmrm = 0.002967
+kqq = 0.002967
+ksb = 0.002967
+ktu = 0.002967
+kuhs = 0.002967
+kxydf = 0.002967
+kyjsqlysxx = 0.002967
+lavs = 0.002967
+ldinhsfbuuk = 0.002967
+ledacuc = 0.002967
+level = 0.002967
+lihesfluumkhqabhi = 0.002967
+listening = 0.002967
+llqrlu = 0.002967
+lnl = 0.002967
+lrrz = 0.002967
+ltyq = 0.002967
+lwkhabdxhoaucjlbnha = 0.002967
+max = 0.002967
+memory = 0.002967
+messages = 0.002967
+mfmsg = 0.002967
+mis = 0.002967
+mktko = 0.002967
+mmmu = 0.002967
+mne = 0.002967
+monitor = 0.002967
+mpxmmnpbg = 0.002967
+mra = 0.002967
+mxmo = 0.002967
+naaxiiv = 0.002967
+nabmd = 0.002967
+naedde = 0.002967
+nahstr = 0.002967
+naiiscoc = 0.002967
+nal = 0.002967
+name = 0.002967
+nanebsrx = 0.002967
+natel = 0.002967
+nats = 0.002967
+navzmtxj = 0.002967
+naz = 0.002967
+nbbjm = 0.002967
+nbksqdzlvkxz = 0.002967
+nbkwwl = 0.002967
+nbl = 0.002967
+nblvenl = 0.002967
+nbngara = 0.002967
+nbuvf = 0.002967
+nbwucsufpb = 0.002967
+nby = 0.002967
+ncju = 0.002967
+ncldte = 0.002967
+ncrocqxy = 0.002967
+ncvo = 0.002967
+ncwdytmconm = 0.002967
+nczm = 0.002967
+nczxgc = 0.002967
+ndjwycvktfy = 0.002967
+ndppncq = 0.002967
+ndr = 0.002967
+ndzvijz = 0.002967
+nejxm = 0.002967
+nhvxrqa = 0.002967
+nkeys = 0.002967
+nnxkfkrsb = 0.002967
+node = 0.002967
+noymejfwqo = 0.002967
+npl = 0.002967
+ocflksiulm = 0.002967
+ojc = 0.002967
+ojtc = 0.002967
+okb = 0.002967
+onzvq = 0.002967
+ooelctxshi = 0.002967
+opt = 0.002967
+orevh = 0.002967
+owk = 0.002967
+pac = 0.002967
+passwords = 0.002967
+pfgg = 0.002967
+phklhn = 0.002967
+pji = 0.002967
+pjmccnhdlbx = 0.002967
+plaintext = 0.002967
+ppaorzvo = 0.002967
+ptspvhpj = 0.002967
+ptyp = 0.002967
+pvwv = 0.002967
+pwcs = 0.002967
+pwdjf = 0.002967
+pwf = 0.002967
+pxresxae = 0.002967
+pyn = 0.002967
+qanux = 0.002967
+qeum = 0.002967
+qewn = 0.002967
+qhbc = 0.002967
+qhwepygxlqbxwyae = 0.002967
+qjjddf = 0.002967
+qnrfnl = 0.002967
+qru = 0.002967
+qwaba = 0.002967
+qyxzsbpxlsx = 0.002967
+qzsml = 0.002967
+rbzolb = 0.002967
+ready = 0.002967
+restore = 0.002967
+restored = 0.002967
+rew = 0.002967
+rfmehawpxdwdp = 0.002967
+rfs = 0.002967
+rjdhqdpyzireg = 0.002967
+rpkxnun = 0.002967
+seenwdulvjnjw = 0.002967
+server = 0.002967
+shutdown = 0.002967
+sixk = 0.002967
+slafmtt = 0.002967
+slrkwlvlwcziy = 0.002967
+srtblvs = 0.002967
+starting = 0.002967
+storage = 0.002967
+store = 0.002967
+stream = 0.002967
+swsipy = 0.002967
+sydhxjftcxcn = 0.002967
+tdatldcyzre = 0.002967
+tqenmdhsd = 0.002967
+trdr = 0.002967
+tuvxc = 0.002967
+tzsbf = 0.002967
+uaps = 0.002967
+ubn = 0.002967
+uiyeym = 0.002967
+uleydzlwymhyb = 0.002967
+ult = 0.002967
+uohfj = 0.002967
+use = 0.002967
+using = 0.002967
+vdn = 0.002967
+version = 0.002967
+vib = 0.002967
+viw = 0.002967
+vkupfit = 0.002967
+vny = 0.002967
+vttnmfj = 0.002967
+vwnptdeh = 0.002967
+wbrx = 0.002967
+wbvxrigq = 0.002967
+wbwxxqrzbjsbx = 0.002967
+wgd = 0.002967
+wgnedyj = 0.002967
+whnxp = 0.002967
+wikxfkqronjdw = 0.002967
+wpbu = 0.002967
+wpf = 0.002967
+wrn = 0.002967
+wry = 0.002967
+wzj = 0.002967
+xdzj = 0.002967
+xkcxbn = 0.002967
+xllygjqxixutv = 0.002967
+xmmlj = 0.002967
+xssp = 0.002967
+xtdlbhll = 0.002967
+yfqybnl = 0.002967
+ylohq = 0.002967
+ymf = 0.002967
+ynibbwejg = 0.002967
+yqejbgdwhyxvlwh = 0.002967
+yuzr = 0.002967
+yvimhp = 0.002967
+ywrndnhhagvfdyw = 0.002967
+zbvq = 0.002967
+zlnhmyc = 0.002967
+
+[/opt/splunk/var/log/splunk/itsi-nats-server.log_Thu_Jan_15_20:40:10_2026_1046321407]
+L-L7(L7)_//_::._ = 0.529801
+_source = /opt/splunk/var/log/splunk/itsi-nats-server.log
+_sourcetype = itsi-nats-server
+api = 0.006623
+apps = 0.006623
+bcrypt = 0.006623
+bin = 0.006623
+ceaa = 0.006623
+client = 0.006623
+cluster = 0.006623
+conf = 0.006623
+configuration = 0.006623
+connections = 0.006623
+cucwlj = 0.006623
+cvo = 0.006623
+data = 0.006623
+detected = 0.006623
+dfde = 0.006623
+directory = 0.006623
+docs = 0.006623
+drqdjx = 0.006623
+etc = 0.006623
+file = 0.006623
+for = 0.006623
+git = 0.006623
+gqca = 0.006623
+http = 0.006623
+https = 0.006623
+igumoi = 0.006623
+indexes = 0.006623
+inf = 0.006623
+itoa = 0.006623
+itsi = 0.006623
+jetstream = 0.006623
+kxmsgi = 0.006623
+level = 0.006623
+listening = 0.006623
+max = 0.006623
+memory = 0.006623
+messages = 0.006623
+mkbogvaet = 0.006623
+monitor = 0.006623
+name = 0.006623
+napb = 0.006623
+nats = 0.006623
+ndjf = 0.006623
+nkeys = 0.006623
+node = 0.006623
+obnfgddte = 0.006623
+ofrfxjs = 0.006623
+opt = 0.006623
+passwords = 0.006623
+plaintext = 0.006623
+plr = 0.006623
+pxresxae = 0.006623
+qtwfhgzu = 0.006623
+ready = 0.006623
+restore = 0.006623
+restored = 0.006623
+server = 0.006623
+sldizln = 0.006623
+starting = 0.006623
+storage = 0.006623
+store = 0.006623
+stream = 0.006623
+use = 0.006623
+using = 0.006623
+utlt = 0.006623
+version = 0.006623
+wiabnpb = 0.006623
+wrn = 0.006623
+xpfdoomoeud = 0.006623
+ybn = 0.006623
+zawcpiizwmvbnb = 0.006623
+
+[/opt/splunk/var/log/splunk/itsi_ai_summary_worker.log_Thu_Jan_15_20:40:12_2026_940836384]
+L-.___--_::, = 0.359596
+L-:___()__-: = 0.123232
+L-_(___): = 0.068687
+L-___\\"/////- = 0.214141
+L-_____EQ__-_ = 0.153535
+_source = /opt/splunk/var/log/splunk/itsi_ai_summary_worker.log
+_sourcetype = itsi_ai_summary_worker
+and = 0.002020
+apps = 0.002020
+bin = 0.002020
+call = 0.002020
+current = 0.002020
+cutoff = 0.002020
+during = 0.002020
+epoch = 0.002020
+error = 0.002020
+etc = 0.002020
+exception = 0.002020
+file = 0.002020
+for = 0.002020
+hours = 0.002020
+int = 0.002020
+itsi = 0.002020
+last = 0.002020
+line = 0.002020
+most = 0.002020
+operand = 0.002020
+opt = 0.002020
+period = 0.002020
+pid = 0.002020
+purge = 0.002020
+queue = 0.002020
+recent = 0.002020
+records = 0.002020
+retention = 0.002020
+stale = 0.002020
+str = 0.002020
+summarization = 0.002020
+summary = 0.002020
+time = 0.002020
+traceback = 0.002020
+type = 0.002020
+typeerror = 0.002020
+unexpected = 0.002020
+unsupported = 0.002020
+work = 0.002020
+worker = 0.002020
+
+[/opt/splunk/var/log/splunk/itsi_queue_re_init.log.5_Thu_Jan_15_20:40:52_2026_1474047470]
+L---_::,____ = 0.886228
+_source = /opt/splunk/var/log/splunk/itsi_queue_re_init.log.5
+_sourcetype = itsi_queue_re_init.log
+engine = 0.005988
+error = 0.005988
+http = 0.005988
+https = 0.005988
+information = 0.005988
+installed = 0.005988
+itoa = 0.005988
+java = 0.005988
+jvm = 0.005988
+metric = 0.005988
+nobody = 0.005988
+order = 0.005988
+required = 0.005988
+retrieving = 0.005988
+rules = 0.005988
+servicesns = 0.005988
+start = 0.005988
+the = 0.005988
+version = 0.005988
+
+[/opt/splunk/var/log/splunk/itsi_license_checker.log.4_Thu_Jan_15_20:41:25_2026_1780892452]
+L---_::,__L7(. = 0.474114
+L---_::,__L7(L7) = 0.305177
+_source = /opt/splunk/var/log/splunk/itsi_license_checker.log.4
+_sourcetype = itsi_license_checker.log-2
+aab = 0.002725
+aba = 0.002725
+active = 0.002725
+add = 0.002725
+aea = 0.002725
+afad = 0.002725
+api = 0.002725
+are = 0.002725
+bce = 0.002725
+bfb = 0.002725
+bff = 0.002725
+cac = 0.002725
+cdbdfa = 0.002725
+cfa = 0.002725
+checker = 0.002725
+checking = 0.002725
+completed = 0.002725
+dbf = 0.002725
+dcae = 0.002725
+deaeb = 0.002725
+deaebac = 0.002725
+dependent = 0.002725
+dfd = 0.002725
+ebe = 0.002725
+efb = 0.002725
+efceca = 0.002725
+enterprise = 0.002725
+execute = 0.002725
+exit = 0.002725
+expiration = 0.002725
+faa = 0.002725
+fac = 0.002725
+factory = 0.002725
+fad = 0.002725
+fbb = 0.002725
+fbf = 0.002725
+fcc = 0.002725
+fcca = 0.002725
+fce = 0.002725
+fcf = 0.002725
+fdb = 0.002725
+fdd = 0.002725
+fdee = 0.002725
+fdf = 0.002725
+fdfd = 0.002725
+fea = 0.002725
+feae = 0.002725
+fec = 0.002725
+ffadd = 0.002725
+ffba = 0.002725
+ffbcb = 0.002725
+get = 0.002725
+group = 0.002725
+info = 0.002725
+input = 0.002725
+internal = 0.002725
+itsi = 0.002725
+license = 0.002725
+licensemanager = 0.002725
+licenses = 0.002725
+manage = 0.002725
+manager = 0.002725
+modular = 0.002725
+non = 0.002725
+normally = 0.002725
+object = 0.002725
+production = 0.002725
+real = 0.002725
+root = 0.002725
+run = 0.002725
+running = 0.002725
+self = 0.002725
+signaling = 0.002725
+some = 0.002725
+splunklicensesapi = 0.002725
+starting = 0.002725
+subgroup = 0.002725
+successfully = 0.002725
+there = 0.002725
+unexpired = 0.002725
+uri = 0.002725
+
+[/opt/splunk/var/log/splunk/itsi_license_checker.log.4_Thu_Jan_15_20:41:25_2026_1187581544]
+L---_::,__L7(. = 0.657841
+L---_::,__L7(L7) = 0.193483
+_source = /opt/splunk/var/log/splunk/itsi_license_checker.log.4
+_sourcetype = itsi_license_checker.log-2
+aae = 0.002037
+acf = 0.002037
+active = 0.002037
+aea = 0.002037
+aed = 0.002037
+api = 0.002037
+are = 0.002037
+baa = 0.002037
+bba = 0.002037
+bcad = 0.002037
+bda = 0.002037
+bfca = 0.002037
+bfcc = 0.002037
+bfcf = 0.002037
+cba = 0.002037
+cbaac = 0.002037
+ccfeef = 0.002037
+cef = 0.002037
+checker = 0.002037
+checking = 0.002037
+completed = 0.002037
+dependent = 0.002037
+eab = 0.002037
+ecc = 0.002037
+eec = 0.002037
+efc = 0.002037
+efe = 0.002037
+enterprise = 0.002037
+execute = 0.002037
+exit = 0.002037
+expiration = 0.002037
+factory = 0.002037
+fba = 0.002037
+fbe = 0.002037
+fceb = 0.002037
+fcfb = 0.002037
+fcfdd = 0.002037
+fdb = 0.002037
+fdc = 0.002037
+fdf = 0.002037
+feeab = 0.002037
+fef = 0.002037
+ffa = 0.002037
+get = 0.002037
+group = 0.002037
+info = 0.002037
+input = 0.002037
+internal = 0.002037
+itsi = 0.002037
+license = 0.002037
+licensemanager = 0.002037
+licenses = 0.002037
+manage = 0.002037
+manager = 0.002037
+modular = 0.002037
+non = 0.002037
+normally = 0.002037
+object = 0.002037
+production = 0.002037
+real = 0.002037
+root = 0.002037
+run = 0.002037
+running = 0.002037
+self = 0.002037
+signaling = 0.002037
+some = 0.002037
+splunklicensesapi = 0.002037
+starting = 0.002037
+subgroup = 0.002037
+successfully = 0.002037
+there = 0.002037
+unexpired = 0.002037
+uri = 0.002037
+
+[/opt/splunk/var/log/splunk/itsi_nats_mod_input.log.5_Thu_Jan_15_20:41:26_2026_1140973338]
+L---_::,+_:_ = 0.920904
+_source = /opt/splunk/var/log/splunk/itsi_nats_mod_input.log.5
+_sourcetype = itsi_nats_mod_input.log
+index = 0.005650
+info = 0.005650
+input = 0.005650
+itsi = 0.005650
+metrics = 0.005650
+mod = 0.005650
+nats = 0.005650
+next = 0.005650
+process = 0.005650
+push = 0.005650
+pushed = 0.005650
+round = 0.005650
+successfully = 0.005650
+thread = 0.005650
+
+[/opt/splunk/var/log/splunk/itsi_default_correlation_search_acl_loader.log.4_Thu_Jan_15_22:38:33_2026_404475204]
+L---_::,+_:_ = 0.718007
+L-</> = 0.012458
+L-<> = 0.011325
+L-__</> = 0.014723
+L-__<> = 0.013590
+L-____<_EQ\\"\\"> = 0.087203
+_source = /opt/splunk/var/log/splunk/itsi_default_correlation_search_acl_loader.log.4
+_sourcetype = itsi_default_correlation_search_acl_loader.log
+aaf = 0.001133
+abc = 0.001133
+aca = 0.001133
+access = 0.001133
+acl = 0.001133
+afac = 0.001133
+afc = 0.001133
+again = 0.001133
+age = 0.001133
+app = 0.001133
+attempted = 0.001133
+authorization = 0.001133
+based = 0.001133
+bdc = 0.001133
+beb = 0.001133
+bec = 0.001133
+cache = 0.001133
+charset = 0.001133
+close = 0.001133
+connection = 0.001133
+content = 0.001133
+control = 0.001133
+correlation = 0.001133
+critical = 0.001133
+dad = 0.001133
+daef = 0.001133
+date = 0.001133
+dbbc = 0.001133
+ddc = 0.001133
+default = 0.001133
+delete = 0.001133
+dfb = 0.001133
+eac = 0.001133
+ead = 0.001133
+eced = 0.001133
+ecf = 0.001133
+efeedf = 0.001133
+encoding = 0.001133
+error = 0.001133
+expires = 0.001133
+failed = 0.001133
+fetched = 0.001133
+for = 0.001133
+frame = 0.001133
+generate = 0.001133
+get = 0.001133
+health = 0.001133
+inclusion = 0.001133
+info = 0.001133
+initialized = 0.001133
+initializing = 0.001133
+input = 0.001133
+instance = 0.001133
+itsi = 0.001133
+key = 0.001133
+later = 0.001133
+length = 0.001133
+loader = 0.001133
+mainthread = 0.001133
+max = 0.001133
+message = 0.001133
+messages = 0.001133
+modular = 0.001133
+monitor = 0.001133
+msg = 0.001133
+must = 0.001133
+mysplunk = 0.001133
+nobody = 0.001133
+nosniff = 0.001133
+not = 0.001133
+now = 0.001133
+obj = 0.001133
+object = 0.001133
+occurs = 0.001133
+once = 0.001133
+only = 0.001133
+options = 0.001133
+owner = 0.001133
+permissions = 0.001133
+perms = 0.001133
+persist = 0.001133
+please = 0.001133
+process = 0.001133
+query = 0.001133
+read = 0.001133
+reloaded = 0.001133
+response = 0.001133
+restartless = 0.001133
+revalidate = 0.001133
+run = 0.001133
+running = 0.001133
+sameorigin = 0.001133
+save = 0.001133
+score = 0.001133
+search = 0.001133
+server = 0.001133
+services = 0.001133
+set = 0.001133
+shared = 0.001133
+splunkd = 0.001133
+status = 0.001133
+still = 0.001133
+store = 0.001133
+storename = 0.001133
+text = 0.001133
+this = 0.001133
+thread = 0.001133
+true = 0.001133
+try = 0.001133
+trying = 0.001133
+type = 0.001133
+unable = 0.001133
+update = 0.001133
+upgrade = 0.001133
+user = 0.001133
+useraccess = 0.001133
+useraccessstore = 0.001133
+utf = 0.001133
+utils = 0.001133
+vary = 0.001133
+version = 0.001133
+warning = 0.001133
+were = 0.001133
+write = 0.001133
+xml = 0.001133
+yet = 0.001133
+
+[/opt/splunk/var/log/splunk/itsi_default_correlation_search_acl_loader.log.4_Thu_Jan_15_22:38:33_2026_1303883513]
+L---_::,+_:_ = 0.479911
+L-</> = 0.024554
+L-<> = 0.022321
+L-__</> = 0.029018
+L-__<> = 0.026786
+L-____<_EQ\\"\\"> = 0.171875
+_source = /opt/splunk/var/log/splunk/itsi_default_correlation_search_acl_loader.log.4
+_sourcetype = itsi_default_correlation_search_acl_loader.log
+access = 0.002232
+acl = 0.002232
+aed = 0.002232
+aefe = 0.002232
+again = 0.002232
+age = 0.002232
+app = 0.002232
+attempted = 0.002232
+authorization = 0.002232
+bac = 0.002232
+based = 0.002232
+bbb = 0.002232
+bda = 0.002232
+bddd = 0.002232
+bed = 0.002232
+cache = 0.002232
+charset = 0.002232
+close = 0.002232
+connection = 0.002232
+content = 0.002232
+control = 0.002232
+correlation = 0.002232
+critical = 0.002232
+date = 0.002232
+dca = 0.002232
+default = 0.002232
+delete = 0.002232
+eed = 0.002232
+encoding = 0.002232
+error = 0.002232
+expires = 0.002232
+failed = 0.002232
+fed = 0.002232
+fetched = 0.002232
+ffb = 0.002232
+for = 0.002232
+frame = 0.002232
+generate = 0.002232
+get = 0.002232
+health = 0.002232
+inclusion = 0.002232
+info = 0.002232
+initialized = 0.002232
+initializing = 0.002232
+itsi = 0.002232
+key = 0.002232
+later = 0.002232
+length = 0.002232
+loader = 0.002232
+mainthread = 0.002232
+max = 0.002232
+message = 0.002232
+messages = 0.002232
+monitor = 0.002232
+msg = 0.002232
+must = 0.002232
+nobody = 0.002232
+nosniff = 0.002232
+not = 0.002232
+now = 0.002232
+obj = 0.002232
+object = 0.002232
+occurs = 0.002232
+once = 0.002232
+only = 0.002232
+options = 0.002232
+owner = 0.002232
+permissions = 0.002232
+perms = 0.002232
+persist = 0.002232
+please = 0.002232
+process = 0.002232
+query = 0.002232
+read = 0.002232
+response = 0.002232
+revalidate = 0.002232
+sameorigin = 0.002232
+save = 0.002232
+score = 0.002232
+search = 0.002232
+server = 0.002232
+services = 0.002232
+set = 0.002232
+shared = 0.002232
+splunkd = 0.002232
+status = 0.002232
+still = 0.002232
+store = 0.002232
+storename = 0.002232
+text = 0.002232
+this = 0.002232
+thread = 0.002232
+true = 0.002232
+try = 0.002232
+trying = 0.002232
+type = 0.002232
+unable = 0.002232
+update = 0.002232
+user = 0.002232
+useraccess = 0.002232
+useraccessstore = 0.002232
+utf = 0.002232
+utils = 0.002232
+vary = 0.002232
+version = 0.002232
+warning = 0.002232
+were = 0.002232
+write = 0.002232
+xml = 0.002232
+yet = 0.002232
+
+[/opt/splunk/var/log/splunk/trackme_state_events.log_Thu_Jan_22_22:23:12_2026_656779231]
+L-{\\"\\":_.,_\\"\\" = 0.536857
+_source = /opt/splunk/var/log/splunk/trackme_state_events.log
+_sourcetype = trackme_state_events-2
+
+[/opt/splunk/var/log/splunk/trackme_state_events.log_Thu_Jan_22_22:23:12_2026_1087230720]
+L-{\\"\\":_.,_\\"\\" = 0.521884
+_source = /opt/splunk/var/log/splunk/trackme_state_events.log
+_sourcetype = trackme_state_events-2
+
+[/opt/splunk/var/log/splunk/trackme_state_events.log_Thu_Jan_22_22:23:13_2026_686683120]
+L-{\\"\\":_.,_\\"\\" = 0.797163
+_source = /opt/splunk/var/log/splunk/trackme_state_events.log
+_sourcetype = trackme_state_events-2
+
+[/opt/splunk/var/log/splunk/trackme_handler_events.log_Thu_Jan_22_22:23:15_2026_747691493]
+L-{\\"\\":_.,_\\"\\" = 0.460724
+_source = /opt/splunk/var/log/splunk/trackme_handler_events.log
+_sourcetype = trackme_handler_events-2
+
+[/opt/splunk/var/log/splunk/trackme_handler_events.log_Thu_Jan_22_22:23:15_2026_964192195]
+L-{\\"\\":_.,_\\"\\" = 0.445239
+_source = /opt/splunk/var/log/splunk/trackme_handler_events.log
+_sourcetype = trackme_handler_events-2
+
+[/opt/splunk/var/log/splunk/trackme_handler_events.log_Thu_Jan_22_22:23:15_2026_876009785]
+L-{\\"\\":_.,_\\"\\" = 0.479826
+_source = /opt/splunk/var/log/splunk/trackme_handler_events.log
+_sourcetype = trackme_handler_events-2
+
+[/opt/splunk/var/log/splunk/git_pusher.log_Sat_Jan_24_19:02:30_2026_893356792]
+L---_::,_-__ = 0.077998
+L-.:__'L7('',_ = 0.115250
+L-:__:_:_ = 0.044237
+L-:____'://. = 0.105937
+L-_(___): = 0.039581
+L-___\\"///./. = 0.082654
+L-___\\"////// = 0.093132
+L-____,__EQ_. = 0.073341
+L-____.(,_,_ = 0.072177
+L-_____( = 0.029104
+L-_____(\\"_:_ = 0.060536
+L-_____EQ_.(L7( = 0.076834
+_source = /opt/splunk/var/log/splunk/git_pusher.log
+_sourcetype = git_pusher-3
+adding = 0.001164
+admingit = 0.001164
+after = 0.001164
+alerts = 0.001164
+app = 0.001164
+apps = 0.001164
+authentication = 0.001164
+bin = 0.001164
+branch = 0.001164
+call = 0.001164
+ccb = 0.001164
+certificate = 0.001164
+check = 0.001164
+cleaning = 0.001164
+cloned = 0.001164
+cloning = 0.001164
+command = 0.001164
+commit = 0.001164
+committing = 0.001164
+communicate = 0.001164
+configuring = 0.001164
+created = 0.001164
+dashboard = 0.001164
+dashboards = 0.001164
+data = 0.001164
+deploiement = 0.001164
+directory = 0.001164
+editor = 0.001164
+endtime = 0.001164
+error = 0.001164
+etc = 0.001164
+exception = 0.001164
+fadmingit = 0.001164
+failed = 0.001164
+fatal = 0.001164
+fcfdd = 0.001164
+file = 0.001164
+files = 0.001164
+for = 0.001164
+fsplunk = 0.001164
+generated = 0.001164
+generating = 0.001164
+git = 0.001164
+gkflj = 0.001164
+http = 0.001164
+https = 0.001164
+info = 0.001164
+input = 0.001164
+last = 0.001164
+lib = 0.001164
+line = 0.001164
+listening = 0.001164
+lor = 0.001164
+lye = 0.001164
+main = 0.001164
+master = 0.001164
+message = 0.001164
+missing = 0.001164
+model = 0.001164
+most = 0.001164
+name = 0.001164
+okc = 0.001164
+opt = 0.001164
+orig = 0.001164
+origin = 0.001164
+out = 0.001164
+parameters = 0.001164
+port = 0.001164
+post = 0.001164
+process = 0.001164
+push = 0.001164
+pusher = 0.001164
+pushing = 0.001164
+python = 0.001164
+raise = 0.001164
+received = 0.001164
+recent = 0.001164
+remote = 0.001164
+repository = 0.001164
+request = 0.001164
+result = 0.001164
+run = 0.001164
+search = 0.001164
+seconds = 0.001164
+self = 0.001164
+server = 0.001164
+signed = 0.001164
+starting = 0.001164
+stderr = 0.001164
+stdout = 0.001164
+subprocess = 0.001164
+successful = 0.001164
+successfully = 0.001164
+temp = 0.001164
+test = 0.001164
+timed = 0.001164
+timeout = 0.001164
+timeoutexpired = 0.001164
+tmp = 0.001164
+token = 0.001164
+traceback = 0.001164
+unknown = 0.001164
+url = 0.001164
+user = 0.001164
+usr = 0.001164
+validation = 0.001164
+verify = 0.001164
+warning = 0.001164
+writing = 0.001164
+written = 0.001164
+yks = 0.001164
+
+[/opt/splunk/var/log/splunk/git_pusher_startup.log_Sat_Jan_24_23:46:43_2026_86018946]
+L---_::,_-__ = 0.223819
+L-:__:_:____ = 0.227926
+L-_(___): = 0.069815
+L-___\\"////// = 0.164271
+L-_____(\\"_:_ = 0.106776
+_source = /opt/splunk/var/log/splunk/git_pusher_startup.log
+_sourcetype = git_pusher_startup-2
+adding = 0.002053
+address = 0.002053
+admingit = 0.002053
+aeb = 0.002053
+app = 0.002053
+application = 0.002053
+applications = 0.002053
+apps = 0.002053
+audit = 0.002053
+bcaa = 0.002053
+bin = 0.002053
+branch = 0.002053
+bwc = 0.002053
+call = 0.002053
+changes = 0.002053
+checking = 0.002053
+cleaning = 0.002053
+cloned = 0.002053
+cloning = 0.002053
+commit = 0.002053
+committing = 0.002053
+config = 0.002053
+configuring = 0.002053
+copied = 0.002053
+copying = 0.002053
+could = 0.002053
+created = 0.002053
+deploiement = 0.002053
+device = 0.002053
+directories = 0.002053
+directory = 0.002053
+error = 0.002053
+etc = 0.002053
+exception = 0.002053
+explorer = 0.002053
+fadmingit = 0.002053
+failed = 0.002053
+fatal = 0.002053
+fetching = 0.002053
+file = 0.002053
+files = 0.002053
+fonctionnel = 0.002053
+for = 0.002053
+found = 0.002053
+from = 0.002053
+fsplunk = 0.002053
+git = 0.002053
+had = 0.002053
+have = 0.002053
+http = 0.002053
+info = 0.002053
+items = 0.002053
+jocpam = 0.002053
+json = 0.002053
+keys = 0.002053
+last = 0.002053
+line = 0.002053
+listening = 0.002053
+master = 0.002053
+message = 0.002053
+most = 0.002053
+name = 0.002053
+not = 0.002053
+opt = 0.002053
+parameters = 0.002053
+params = 0.002053
+parsed = 0.002053
+pij = 0.002053
+port = 0.002053
+post = 0.002053
+push = 0.002053
+pusher = 0.002053
+pushing = 0.002053
+qbksxc = 0.002053
+query = 0.002053
+raise = 0.002053
+raw = 0.002053
+read = 0.002053
+received = 0.002053
+recent = 0.002053
+repository = 0.002053
+request = 0.002053
+result = 0.002053
+server = 0.002053
+sop = 0.002053
+starting = 0.002053
+stderr = 0.002053
+successful = 0.002053
+successfully = 0.002053
+such = 0.002053
+temp = 0.002053
+tmp = 0.002053
+token = 0.002053
+traceback = 0.002053
+trail = 0.002053
+unknown = 0.002053
+url = 0.002053
+user = 0.002053
+username = 0.002053
+version = 0.002053
+warning = 0.002053
+
+[/opt/splunk/var/log/splunk/mlspl.log.1_Sun_Jan_25_01:41:18_2026_174677937]
+L-.___--_::, = 0.150000
+L-:________- = 0.148611
+L-_(___): = 0.047222
+L-___\\"////// = 0.138889
+L-____() = 0.026389
+L-____,__EQ_( = 0.055556
+L-_____('___ = 0.125000
+L-_____(.) = 0.044444
+L-_____,___: = 0.093056
+L-_____.(): = 0.043056
+L-_____EQ_.(, = 0.052778
+_source = /opt/splunk/var/log/splunk/mlspl.log.1
+_sourcetype = mlspl.log
+above = 0.001389
+add = 0.001389
+anaconda = 0.001389
+another = 0.001389
+apps = 0.001389
+base = 0.001389
+bin = 0.001389
+body = 0.001389
+call = 0.001389
+cexc = 0.001389
+chunk = 0.001389
+computing = 0.001389
+die = 0.001389
+during = 0.001389
+error = 0.001389
+etc = 0.001389
+exception = 0.001389
+exec = 0.001389
+failed = 0.001389
+file = 0.001389
+find = 0.001389
+for = 0.001389
+get = 0.001389
+handle = 0.001389
+handler = 0.001389
+handling = 0.001389
+init = 0.001389
+last = 0.001389
+line = 0.001389
+linux = 0.001389
+metadata = 0.001389
+mlspl = 0.001389
+most = 0.001389
+msg = 0.001389
+occurred = 0.001389
+opt = 0.001389
+path = 0.001389
+paths = 0.001389
+pid = 0.001389
+python = 0.001389
+raise = 0.001389
+recent = 0.001389
+ret = 0.001389
+run = 0.001389
+runtimeerror = 0.001389
+scientific = 0.001389
+scipy = 0.001389
+self = 0.001389
+system = 0.001389
+the = 0.001389
+toolkit = 0.001389
+traceback = 0.001389
+util = 0.001389
+while = 0.001389
+
+[/opt/splunk/var/log/splunk/git_pusher.log_Sun_Jan_25_19:56:11_2026_2004250525]
+L---_::,_-__ = 0.045887
+L-.:__'L7('',_ = 0.055400
+L-:_()_____: = 0.042529
+L-:_L7(_L7)__:_' = 0.046447
+L-:__:_:_ = 0.024622
+L-:__:_:__'_ = 0.036933
+L-:__:_:____ = 0.062115
+L-:__:___'// = 0.037493
+L-:____'://. = 0.067711
+L-_(___): = 0.019026
+L-___\\"///./. = 0.031337
+L-___\\"////// = 0.049804
+L-____(,_) = 0.011752
+L-____,__EQ_. = 0.035255
+L-____.(,_) = 0.022384
+L-____.(,_,_ = 0.037493
+L-____.(,_EQ) = 0.024622
+L-_____( = 0.013990
+L-_____(EQ,_EQ = 0.041410
+L-_____(\\"_:_ = 0.029659
+L-_____EQ_.(, = 0.036374
+L-_____EQ_.(L7( = 0.036933
+_source = /opt/splunk/var/log/splunk/git_pusher.log
+_sourcetype = git_pusher-5
diff --git a/apps/learned/metadata/default.meta b/apps/learned/metadata/default.meta
new file mode 100755
index 00000000..8780f25f
--- /dev/null
+++ b/apps/learned/metadata/default.meta
@@ -0,0 +1,24 @@
+
+### export: eventtypes, savedsearches, transforms and props
+
+[eventtypes]
+access = read : [ * ], write : [ admin, power ]
+export = system
+
+[savedsearches]
+access = read : [ * ], write : [ admin, power ]
+export = system
+
+[transforms]
+access = read : [ * ], write : [ admin, power ]
+export = system
+
+[props]
+access = read : [ * ], write : [ admin, power ]
+export = system
+
+### VIEWSTATES: even normal users should be able to create shared viewstates
+
+[viewstates]
+access = read : [ * ], write : [ * ]
+
diff --git a/apps/learned/metadata/local.meta b/apps/learned/metadata/local.meta
new file mode 100644
index 00000000..aaf01101
--- /dev/null
+++ b/apps/learned/metadata/local.meta
@@ -0,0 +1,1089 @@
+[props/first_install-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886104.577674000
+
+[props/audit_v-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886104.596430000
+
+[props/cloudgateway_untracked-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886104.671992000
+
+[props/supervisor-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886104.692515000
+
+[props/sup-pkg-ipc_broker-stdout-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886105.785938000
+
+[props/sup-pkg-spotlight-collector-stdout-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886112.522214000
+
+[props/sup-pkg-spotlight-collector-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886112.609912000
+
+[props/sup-pkg-edge-processor-config-stdout-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886113.894291000
+
+[props/sup-pkg-cmp-orchestrator-stdout-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886114.135549000
+
+[props/spl2-orchestrator-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886114.144861000
+
+[props/sup-pkg-cmp-orchestrator-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886114.150681000
+
+[props/language-server-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886114.159115000
+
+[props/sup-pkg-identity-stdout-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886114.589045000
+
+[props/export_metrics-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886114.823696000
+
+[props/sup-pkg-postgres-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886114.970860000
+
+[props/sup-pkg-postgres-stdout-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886114.981258000
+
+[props/sup-pkg-agent-manager-stdout-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886115.341367000
+
+[props/sup-pkg-opamp-svc-stdout-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886115.845748000
+
+[props/splunk_instrumentation-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760886411.875671000
+
+[props/supervisor-2]
+owner = nobody
+version = 10.0.0
+modtime = 1760886571.575774000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsupervisor.log_Sun_Oct_19_17%3A09%3A31_2025_1474066726]
+owner = nobody
+version = 10.0.0
+modtime = 1760886571.683791000
+
+[props/sup-pkg-postgres-stdout-2]
+owner = nobody
+version = 10.0.0
+modtime = 1760886571.749992000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres-stdout.log_Sun_Oct_19_17%3A09%3A31_2025_686783033]
+owner = nobody
+version = 10.0.0
+modtime = 1760886571.773302000
+
+[props/splunk_archiver-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760887021.792074000
+
+[props/splunk_o11y_app-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760887264.669675000
+
+[props/sup-pkg-ipc_broker-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760887828.523100000
+
+[props/sup-pkg-identity-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760887828.626712000
+
+[props/sup-pkg-agent-manager-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760887828.637352000
+
+[props/language-server-2]
+owner = nobody
+version = 10.0.0
+modtime = 1760887850.118498000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Flanguage-server.log_Sun_Oct_19_17%3A30%3A50_2025_667066617]
+owner = nobody
+version = 10.0.0
+modtime = 1760887850.150014000
+
+[props/sup-pkg-edge-processor-config-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760887859.355507000
+
+[props/sup-pkg-opamp-svc-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1760887865.355096000
+
+[props/sup-pkg-edge-processor-config-stdout-2]
+owner = nobody
+version = 10.0.0
+modtime = 1761406737.619835000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-edge-processor-config-stdout.log_Sat_Oct_25_17%3A38%3A57_2025_664940085]
+owner = nobody
+version = 10.0.0
+modtime = 1761406737.703289000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-edge-processor-config-stdout.log_Sat_Oct_25_17%3A38%3A57_2025_1083946308]
+owner = nobody
+version = 10.0.0
+modtime = 1761406737.749574000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-edge-processor-config-stdout.log_Sat_Oct_25_17%3A38%3A57_2025_81843992]
+owner = nobody
+version = 10.0.0
+modtime = 1761406737.851988000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-edge-processor-config-stdout.log_Sat_Oct_25_17%3A38%3A57_2025_592469891]
+owner = nobody
+version = 10.0.0
+modtime = 1761406737.934856000
+
+[props/sup-pkg-cmp-orchestrator-stdout-2]
+owner = nobody
+version = 10.0.0
+modtime = 1761406738.768852000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-cmp-orchestrator-stdout.log_Sat_Oct_25_17%3A38%3A58_2025_1476162846]
+owner = nobody
+version = 10.0.0
+modtime = 1761406738.793599000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-cmp-orchestrator-stdout.log_Sat_Oct_25_17%3A38%3A58_2025_1558550344]
+owner = nobody
+version = 10.0.0
+modtime = 1761406738.815294000
+
+[props/splunk_archiver-2]
+owner = nobody
+version = 10.0.0
+modtime = 1761406743.740928000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsplunk_archiver.log_Sat_Oct_25_17%3A39%3A03_2025_1050017487]
+owner = nobody
+version = 10.0.0
+modtime = 1761406743.760617000
+
+[props/sup-pkg-ipc_broker-stdout-2]
+owner = nobody
+version = 10.0.0
+modtime = 1761421943.478771000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-ipc_broker-stdout.log_Sat_Oct_25_21%3A52%3A23_2025_1042601451]
+owner = nobody
+version = 10.0.0
+modtime = 1761421943.540485000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-ipc_broker-stdout.log_Sat_Oct_25_21%3A52%3A23_2025_744375384]
+owner = nobody
+version = 10.0.0
+modtime = 1761421943.704422000
+
+[props/sup-pkg-cmp-orchestrator-4]
+owner = nobody
+version = 10.0.0
+modtime = 1761421946.714813000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-cmp-orchestrator.log_Sat_Oct_25_21%3A52%3A26_2025_1149856673]
+owner = nobody
+version = 10.0.0
+modtime = 1761421946.745403000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-cmp-orchestrator.log_Sat_Oct_25_21%3A52%3A26_2025_1126259121]
+owner = nobody
+version = 10.0.0
+modtime = 1761421946.773663000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-cmp-orchestrator.log_Sat_Oct_25_21%3A52%3A26_2025_301222986]
+owner = nobody
+version = 10.0.0
+modtime = 1761421946.803536000
+
+[props/sup-pkg-postgres-4]
+owner = nobody
+version = 10.0.0
+modtime = 1761421948.105042000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Sat_Oct_25_21%3A52%3A28_2025_2138462857]
+owner = nobody
+version = 10.0.0
+modtime = 1761421948.313470000
+
+[props/sup-pkg-edge-processor-config-4]
+owner = nobody
+version = 10.0.0
+modtime = 1761421952.040181000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-edge-processor-config.log_Sat_Oct_25_21%3A52%3A32_2025_2077109299]
+owner = nobody
+version = 10.0.0
+modtime = 1761421952.059290000
+
+[props/sup-pkg-opamp-svc-3]
+owner = nobody
+version = 10.0.0
+modtime = 1761421952.220269000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-opamp-svc.log_Sat_Oct_25_21%3A52%3A32_2025_1477975140]
+owner = nobody
+version = 10.0.0
+modtime = 1761421952.244733000
+
+[props/sup-pkg-spotlight-collector-3]
+owner = nobody
+version = 10.0.0
+modtime = 1761596917.005572000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-spotlight-collector.log_Mon_Oct_27_21%3A28%3A40_2025_805851720]
+owner = nobody
+version = 10.0.0
+modtime = 1761596920.674135000
+
+[props/sup-pkg-postgres-5]
+owner = nobody
+version = 10.0.0
+modtime = 1761596928.624239000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Mon_Oct_27_21%3A28%3A48_2025_2088265189]
+owner = nobody
+version = 10.0.0
+modtime = 1761596928.648509000
+
+[props/sup-pkg-opamp-svc-4]
+owner = nobody
+version = 10.0.0
+modtime = 1761596933.507349000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-opamp-svc.log_Mon_Oct_27_21%3A28%3A53_2025_1008367970]
+owner = nobody
+version = 10.0.0
+modtime = 1761596933.530664000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-opamp-svc.log_Mon_Oct_27_21%3A28%3A53_2025_1828069850]
+owner = nobody
+version = 10.0.0
+modtime = 1761596933.555806000
+
+[props/sup-pkg-postgres-6]
+owner = nobody
+version = 10.0.0
+modtime = 1761686180.539730000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Tue_Oct_28_22%3A16%3A20_2025_785113672]
+owner = nobody
+version = 10.0.0
+modtime = 1761686180.597995000
+
+[props/sup-pkg-postgres-7]
+owner = nobody
+version = 10.0.0
+modtime = 1762235706.505850000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Tue_Nov__4_06%3A55%3A06_2025_747683535]
+owner = nobody
+version = 10.0.0
+modtime = 1762235706.879939000
+
+[props/apifilesave-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1762794382.530989000
+
+[props/gt_icon_collection-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1762794382.612558000
+
+[props/sup-pkg-postgres-8]
+owner = nobody
+version = 10.0.0
+modtime = 1762795051.298878000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Mon_Nov_10_18%3A17%3A31_2025_1113963345]
+owner = nobody
+version = 10.0.0
+modtime = 1762795051.616999000
+
+[props/user_access_interface-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1762795237.163572000
+
+[props/sup-pkg-postgres-9]
+owner = nobody
+version = 10.0.0
+modtime = 1762795695.397348000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Mon_Nov_10_18%3A28%3A15_2025_370385142]
+owner = nobody
+version = 10.0.0
+modtime = 1762795695.544602000
+
+[props/sup-pkg-postgres-10]
+owner = nobody
+version = 10.0.0
+modtime = 1762796673.990428000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Mon_Nov_10_18%3A44%3A34_2025_862507575]
+owner = nobody
+version = 10.0.0
+modtime = 1762796674.260598000
+
+[props/mad_rest-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1762796741.714249000
+
+[props/sup-pkg-postgres-11]
+owner = nobody
+version = 10.0.0
+modtime = 1762798986.492559000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Mon_Nov_10_19%3A23%3A06_2025_636692360]
+owner = nobody
+version = 10.0.0
+modtime = 1762798986.533865000
+
+[props/unix_sc_rest-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1762799039.002872000
+
+[props/unixalertevents-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1762799040.935229000
+
+[props/unixalertsconfig-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1762799040.951738000
+
+[props/unixheadlines-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1762799040.964859000
+
+[props/unixsetup-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1762799040.984819000
+
+[props/unix_configured_handler-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1762802962.516998000
+
+[props/upgrader_package_delivery-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1762807667.497049000
+
+[props/sup-pkg-postgres-12]
+owner = nobody
+version = 10.0.0
+modtime = 1762809038.992712000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Mon_Nov_10_22%3A10%3A39_2025_1498328013]
+owner = nobody
+version = 10.0.0
+modtime = 1762809039.048211000
+
+[props/sa-itsi-ai-summarization-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1762815601.653321000
+
+[props/sa-itsi-at-recommendations-too_small]
+owner = nobody
+version = 10.0.0
+modtime = 1762815601.702296000
+
+[props/upgrader_package_delivery-2]
+owner = nobody
+version = 10.0.0
+modtime = 1762878107.275180000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fupgrader_package_delivery.log_Tue_Nov_11_17%3A21%3A47_2025_915346237]
+owner = nobody
+version = 10.0.0
+modtime = 1762878107.408645000
+
+[props/sup-pkg-postgres-13]
+owner = nobody
+version = 10.0.0
+modtime = 1762881214.758147000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Tue_Nov_11_18%3A13%3A35_2025_1502835522]
+owner = nobody
+version = 10.0.0
+modtime = 1762881215.683589000
+
+[props/splunk_instrumentation-2]
+owner = nobody
+version = 10.0.0
+modtime = 1762881220.718889000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsplunk_instrumentation.log_Tue_Nov_11_18%3A13%3A40_2025_1457943198]
+owner = nobody
+version = 10.0.0
+modtime = 1762881220.750705000
+
+[props/sup-pkg-postgres-14]
+owner = nobody
+version = 10.0.0
+modtime = 1764195565.613659000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Wed_Nov_26_23%3A19%3A26_2025_1920503782]
+owner = nobody
+version = 10.0.0
+modtime = 1764195566.411142000
+
+[props/sup-pkg-postgres-15]
+owner = nobody
+version = 10.0.0
+modtime = 1764282010.092537000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Thu_Nov_27_23%3A20%3A10_2025_51752181]
+owner = nobody
+version = 10.0.0
+modtime = 1764282011.029356000
+
+[props/sup-pkg-postgres-16]
+owner = nobody
+version = 10.0.0
+modtime = 1764346909.436916000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Fri_Nov_28_17%3A21%3A49_2025_321352134]
+owner = nobody
+version = 10.0.0
+modtime = 1764346909.489605000
+
+[props/sup-pkg-postgres-17]
+owner = nobody
+version = 10.0.0
+modtime = 1764359544.560668000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Fri_Nov_28_20%3A52%3A24_2025_755947375]
+owner = nobody
+version = 10.0.0
+modtime = 1764359544.648152000
+
+[props/sup-pkg-postgres-18]
+owner = nobody
+version = 10.0.0
+modtime = 1764370379.136112000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Fri_Nov_28_23%3A52%3A59_2025_1192264977]
+owner = nobody
+version = 10.0.0
+modtime = 1764370379.236361000
+
+[props/sup-pkg-postgres-19]
+owner = nobody
+version = 10.0.0
+modtime = 1764372593.774274000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Sat_Nov_29_00%3A29%3A54_2025_407609197]
+owner = nobody
+version = 10.0.0
+modtime = 1764372594.482272000
+
+[props/sup-pkg-postgres-20]
+owner = nobody
+version = 10.0.0
+modtime = 1764540055.515863000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Sun_Nov_30_23%3A00%3A55_2025_942386994]
+owner = nobody
+version = 10.0.0
+modtime = 1764540056.063666000
+
+[props/sup-pkg-postgres-21]
+owner = nobody
+version = 10.0.0
+modtime = 1764542751.085014000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Sun_Nov_30_23%3A45%3A51_2025_1404419310]
+owner = nobody
+version = 10.0.0
+modtime = 1764542751.562193000
+
+[props/sup-pkg-postgres-22]
+owner = nobody
+version = 10.0.0
+modtime = 1764544179.466279000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Mon_Dec__1_00%3A09%3A39_2025_1068328262]
+owner = nobody
+version = 10.0.0
+modtime = 1764544179.943395000
+
+[props/sup-pkg-postgres-23]
+owner = nobody
+version = 10.0.0
+modtime = 1764593267.262102000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Mon_Dec__1_13%3A47%3A47_2025_384899471]
+owner = nobody
+version = 10.0.0
+modtime = 1764593267.387629000
+
+[props/sup-pkg-postgres-24]
+owner = nobody
+version = 10.0.0
+modtime = 1764595663.935504000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Mon_Dec__1_14%3A27%3A43_2025_919905266]
+owner = nobody
+version = 10.0.0
+modtime = 1764595664.028629000
+
+[props/sup-pkg-postgres-25]
+owner = nobody
+version = 10.0.0
+modtime = 1764599423.451069000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Mon_Dec__1_15%3A30%3A23_2025_1334049448]
+owner = nobody
+version = 10.0.0
+modtime = 1764599424.202518000
+
+[props/sup-pkg-postgres-26]
+owner = nobody
+version = 10.0.0
+modtime = 1764615919.459760000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Mon_Dec__1_20%3A05%3A19_2025_1617536899]
+owner = nobody
+version = 10.0.0
+modtime = 1764615919.530612000
+
+[props/sup-pkg-postgres-27]
+owner = nobody
+version = 10.0.0
+modtime = 1764622740.236434000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Mon_Dec__1_21%3A59%3A00_2025_541137574]
+owner = nobody
+version = 10.0.0
+modtime = 1764622740.635330000
+
+[props/sup-pkg-postgres-28]
+owner = nobody
+version = 10.0.0
+modtime = 1764709575.024310000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Tue_Dec__2_22%3A06%3A15_2025_563846931]
+owner = nobody
+version = 10.0.0
+modtime = 1764709576.122282000
+
+[props/sup-pkg-spotlight-collector-4]
+owner = nobody
+version = 10.0.0
+modtime = 1764794337.010942000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-spotlight-collector.log_Wed_Dec__3_21%3A38%3A57_2025_913226333]
+owner = nobody
+version = 10.0.0
+modtime = 1764794337.372914000
+
+[props/sup-pkg-postgres-29]
+owner = nobody
+version = 10.0.0
+modtime = 1764795169.822915000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Wed_Dec__3_21%3A52%3A50_2025_347641891]
+owner = nobody
+version = 10.0.0
+modtime = 1764795171.449956000
+
+[props/sup-pkg-postgres-30]
+owner = nobody
+version = 10.0.0
+modtime = 1764796882.861069000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Wed_Dec__3_22%3A21%3A23_2025_1351108706]
+owner = nobody
+version = 10.0.0
+modtime = 1764796883.579750000
+
+[props/sup-pkg-postgres-31]
+owner = nobody
+version = 10.0.0
+modtime = 1764797527.821538000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Wed_Dec__3_22%3A32%3A08_2025_1367664015]
+owner = nobody
+version = 10.0.0
+modtime = 1764797528.546208000
+
+[props/sup-pkg-postgres-32]
+owner = nobody
+version = 10.0.0
+modtime = 1764799154.422833000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsup-pkg-postgres.log_Wed_Dec__3_22%3A59%3A15_2025_513446126]
+owner = nobody
+version = 10.0.0
+modtime = 1764799156.334431000
+
+[props/gt_icon_collection-2]
+owner = nobody
+version = 10.0.2
+modtime = 1765125564.991560000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fgt_icon_collection.log_Sun_Dec__7_17%3A39%3A25_2025_177930135]
+owner = nobody
+version = 10.0.2
+modtime = 1765125565.257097000
+
+[props/splunk_secure_gateway_modular_input.log]
+owner = nobody
+version = 10.0.2
+modtime = 1765125653.958060000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsplunk_secure_gateway_modular_input.log.1_Sun_Dec__7_17%3A40%3A53_2025_1940995090]
+owner = nobody
+version = 10.0.2
+modtime = 1765125653.993859000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsplunk_secure_gateway_modular_input.log.1_Sun_Dec__7_17%3A40%3A54_2025_515013359]
+owner = nobody
+version = 10.0.2
+modtime = 1765125654.068841000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fsplunk_secure_gateway_modular_input.log.1_Sun_Dec__7_17%3A40%3A54_2025_213707839]
+owner = nobody
+version = 10.0.2
+modtime = 1765125654.108601000
+
+[props/itsi_untracked-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506002.329533000
+
+[props/itsi-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506002.402288000
+
+[props/itsi_apply_at_outliers-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506002.433624000
+
+[props/itsi_custom_threshold_window_overlaps_detector]
+owner = nobody
+version = 10.0.2
+modtime = 1768506002.863145000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fitsi_custom_threshold_window_overlaps_detector.log_Thu_Jan_15_20%3A40%3A02_2026_2061099872]
+owner = nobody
+version = 10.0.2
+modtime = 1768506002.887130000
+
+[props/itsi_age_kpi_alert_value_cache-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506003.004925000
+
+[props/itsi_backfill-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506003.235428000
+
+[props/itsi_content_pack_authorship]
+owner = nobody
+version = 10.0.2
+modtime = 1768506003.971641000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fitsi_content_pack_authorship.log_Thu_Jan_15_20%3A40%3A03_2026_2142501265]
+owner = nobody
+version = 10.0.2
+modtime = 1768506004.033058000
+
+[props/itsi_content_packs_itsicli-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506004.138806000
+
+[props/itsi_content_packs_itsimodels]
+owner = nobody
+version = 10.0.2
+modtime = 1768506004.196889000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fitsi_content_packs_itsimodels.log_Thu_Jan_15_20%3A40%3A04_2026_107506064]
+owner = nobody
+version = 10.0.2
+modtime = 1768506004.217030000
+
+[props/itsi_csv_import]
+owner = nobody
+version = 10.0.2
+modtime = 1768506004.297680000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fitsi_csv_import.log_Thu_Jan_15_20%3A40%3A04_2026_1110876676]
+owner = nobody
+version = 10.0.2
+modtime = 1768506004.318153000
+
+[props/itsi_episode_summarization_cleanup-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506005.423050000
+
+[props/itsi_exported_episode_files_cleaner]
+owner = nobody
+version = 10.0.2
+modtime = 1768506005.946177000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fitsi_exported_episode_files_cleaner.log_Thu_Jan_15_20%3A40%3A05_2026_60499474]
+owner = nobody
+version = 10.0.2
+modtime = 1768506005.975575000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fitsi_exported_episode_files_cleaner.log_Thu_Jan_15_20%3A40%3A06_2026_1425258872]
+owner = nobody
+version = 10.0.2
+modtime = 1768506006.028922000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fitsi_exported_episode_files_cleaner.log_Thu_Jan_15_20%3A40%3A06_2026_1354750084]
+owner = nobody
+version = 10.0.2
+modtime = 1768506006.069193000
+
+[props/itsi_hec_init-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506006.137609000
+
+[props/itsi_maintenance_calendar_retention-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506006.182298000
+
+[props/itsi_nats_certificates_auto_rotation-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506006.543064000
+
+[props/itsi_notable_event_actions_consumer_assigning-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506006.575327000
+
+[props/itsi_notable_event_hec_init-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506006.609920000
+
+[props/itsi_queue_consumer_size_checker-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506006.637093000
+
+[props/itsi_user_access_init-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506007.188651000
+
+[props/itsi_backfill_record_cleanup-backfill_cleanup-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506009.769548000
+
+[props/itsi_content_packs_itoa-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506010.106404000
+
+[props/itsi_content_packs_retrieve-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506010.119127000
+
+[props/itsi_content_packs_saved_search_status-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506010.163304000
+
+[props/itsi_command_change_rules_engine_process-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506010.310138000
+
+[props/itsi-nats-server]
+owner = nobody
+version = 10.0.2
+modtime = 1768506010.732728000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fitsi-nats-server.log_Thu_Jan_15_20%3A40%3A10_2026_1611474517]
+owner = nobody
+version = 10.0.2
+modtime = 1768506010.759070000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fitsi-nats-server.log_Thu_Jan_15_20%3A40%3A10_2026_1046321407]
+owner = nobody
+version = 10.0.2
+modtime = 1768506010.807796000
+
+[props/itsi_content_packs_preview-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506011.024741000
+
+[props/itsi_content_packs_install-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506011.101585000
+
+[props/itsi_command_getservice-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506011.231715000
+
+[props/unix_installer-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506012.412101000
+
+[props/itsi_ai_summary_worker]
+owner = nobody
+version = 10.0.2
+modtime = 1768506012.611088000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fitsi_ai_summary_worker.log_Thu_Jan_15_20%3A40%3A12_2026_940836384]
+owner = nobody
+version = 10.0.2
+modtime = 1768506012.671614000
+
+[props/itsi_command_batch_at-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506012.700128000
+
+[props/itsi_appserver.log-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506016.559500000
+
+[props/itsi_queue_re_init.log]
+owner = nobody
+version = 10.0.2
+modtime = 1768506052.663563000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fitsi_queue_re_init.log.5_Thu_Jan_15_20%3A40%3A52_2026_1474047470]
+owner = nobody
+version = 10.0.2
+modtime = 1768506052.684222000
+
+[props/itsi_license_checker.log-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506084.760292000
+
+[props/itsi_license_checker.log-2]
+owner = nobody
+version = 10.0.2
+modtime = 1768506085.351606000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fitsi_license_checker.log.4_Thu_Jan_15_20%3A41%3A25_2026_1780892452]
+owner = nobody
+version = 10.0.2
+modtime = 1768506085.373350000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fitsi_license_checker.log.4_Thu_Jan_15_20%3A41%3A25_2026_1187581544]
+owner = nobody
+version = 10.0.2
+modtime = 1768506085.421079000
+
+[props/itsi_nats_mod_input.log]
+owner = nobody
+version = 10.0.2
+modtime = 1768506086.790207000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fitsi_nats_mod_input.log.5_Thu_Jan_15_20%3A41%3A26_2026_1140973338]
+owner = nobody
+version = 10.0.2
+modtime = 1768506086.810268000
+
+[props/itsi_command_health_monitor.log-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506093.603504000
+
+[props/itsi_command_set_severity_fields_v2.log-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506117.489316000
+
+[props/itsi_backup_restore-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768506144.523706000
+
+[props/itsi_default_correlation_search_acl_loader.log]
+owner = nobody
+version = 10.0.2
+modtime = 1768513113.481528000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fitsi_default_correlation_search_acl_loader.log.4_Thu_Jan_15_22%3A38%3A33_2026_404475204]
+owner = nobody
+version = 10.0.2
+modtime = 1768513113.537326000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fitsi_default_correlation_search_acl_loader.log.4_Thu_Jan_15_22%3A38%3A33_2026_1303883513]
+owner = nobody
+version = 10.0.2
+modtime = 1768513113.623289000
+
+[props/trackme_audit_events-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768594594.888349000
+
+[props/trackme_state_events-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768594868.524552000
+
+[props/trackme_handler_events-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1768594869.499818000
+
+[props/trackme_state_events-2]
+owner = nobody
+version = 10.0.2
+modtime = 1769116992.254572000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Ftrackme_state_events.log_Thu_Jan_22_22%3A23%3A12_2026_656779231]
+owner = nobody
+version = 10.0.2
+modtime = 1769116992.616326000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Ftrackme_state_events.log_Thu_Jan_22_22%3A23%3A12_2026_1087230720]
+owner = nobody
+version = 10.0.2
+modtime = 1769116992.823978000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Ftrackme_state_events.log_Thu_Jan_22_22%3A23%3A13_2026_686683120]
+owner = nobody
+version = 10.0.2
+modtime = 1769116993.146175000
+
+[props/trackme_handler_events-2]
+owner = nobody
+version = 10.0.2
+modtime = 1769116995.360134000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Ftrackme_handler_events.log_Thu_Jan_22_22%3A23%3A15_2026_747691493]
+owner = nobody
+version = 10.0.2
+modtime = 1769116995.408110000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Ftrackme_handler_events.log_Thu_Jan_22_22%3A23%3A15_2026_964192195]
+owner = nobody
+version = 10.0.2
+modtime = 1769116995.539268000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Ftrackme_handler_events.log_Thu_Jan_22_22%3A23%3A15_2026_876009785]
+owner = nobody
+version = 10.0.2
+modtime = 1769116995.571529000
+
+[props/git_pusher-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1769203447.070267000
+
+[props/git_pusher_startup-too_small]
+owner = nobody
+version = 10.0.2
+modtime = 1769204245.693123000
+
+[props/git_pusher-3]
+owner = nobody
+version = 10.0.2
+modtime = 1769277750.095265000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fgit_pusher.log_Sat_Jan_24_19%3A02%3A30_2026_893356792]
+owner = nobody
+version = 10.0.2
+modtime = 1769277750.345248000
+
+[props/git_pusher_startup-2]
+owner = nobody
+version = 10.0.2
+modtime = 1769294802.999642000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fgit_pusher_startup.log_Sat_Jan_24_23%3A46%3A43_2026_86018946]
+owner = nobody
+version = 10.0.2
+modtime = 1769294803.145923000
+
+[props/mlspl.log]
+owner = nobody
+version = 10.0.2
+modtime = 1769301678.058052000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fmlspl.log.1_Sun_Jan_25_01%3A41%3A18_2026_174677937]
+owner = nobody
+version = 10.0.2
+modtime = 1769301678.148801000
+
+[props/git_pusher-5]
+owner = nobody
+version = 10.0.2
+modtime = 1769367371.362806000
+
+[sourcetypes/%2Fopt%2Fsplunk%2Fvar%2Flog%2Fsplunk%2Fgit_pusher.log_Sun_Jan_25_19%3A56%3A11_2026_2004250525]
+owner = nobody
+version = 10.0.2
+modtime = 1769367371.450169000