Greetings,
We are ingesting the OLS error.log file into Splunk SIEM. In order to properly parse the logs, I am seeking the field headers for proper field mapping. I couldn't find this explicitly stated in the documentation. The error.log file has the standard format as the example image below.
Greetings, I am looking to collect OpenLiteSpeed error and access logs with a Splunk Universal Forwarder agent for SIEM ingestion. If anyone has any experience configuring a Splunk forwarder to collect these logs, please let me know.
OS: Linux Ubuntu 22.04.3
openlitespeed-1.7.19
Splunk...