Good, I'm new to Splunk.
I have two questions:
1. Can I sort syslog messages by severity?
2. If so, can I mark different severities with different colors to make reading the log more effective?
Thanks
Have a look here: https://answers.splunk.com/answers/31036/syslog-facility-and-severity-loglevel.html
For color, use eventtypes: http://docs.splunk.com/Documentation/Splunk/6.5.1/Knowledge/Defineeventtypes
Worked for me. Thanks!
So I have to write a script in Perl to sort syslog by severity???
No way. All I need is syslog. There is a lot of freeware software that can sort by severity by default.
Uninstall.
Not at all!
Read all the answers and comments, and do not stop at the first one!