I am looking for some detailed howto’s on writing my own filters.  I am trying to dump syslog-ng logs / date into splunk, but want to filter that which only I need to index into splunk.  If anyone has any good howto’s or have worked with splunk before I would certainly be open to any ideas or input they might have on the topic.

 

Thanks

 

cb