SPL2 template for Edge Processor and Ingest Processor for Splunk Add-on for Microsoft Windows
The template for the Splunk Add-on for Microsoft Windows converts XML-formatted logs into JSON format and extracts a few fields at the top level.
Templates are available for the Edge Processor (EP) and Ingest Processor (IP). See the following documentation for more information:
Template name | Version | Use case | Availability |
---|---|---|---|
Windows event logs: Convert logs from XML to JSON | 0.2.1 | Convert Windows event logs from XML to JSON, reduce the size of the logs by removing unnecessary data, and extract event fields to ensure compatibility with the Splunk Add-on for Microsoft Windows and the Splunk Common Information Model (CIM). | Edge Processor and Ingest Processor |
See the Release Notes for the template release notes.