Update p_multi-vmware_nsx.conf.tmpl

CSVD · Dec 17, 2019 · 4b87e50 · 4b87e50
1 parent 8ddb10e
commit 4b87e50
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/package/etc/conf.d/log_paths/p_multi-vmware_nsx.conf.tmpl b/package/etc/conf.d/log_paths/p_multi-vmware_nsx.conf.tmpl
@@ -21,7 +21,7 @@ log {
         filter(f_vmware_nsx);
 
         rewrite {
-            r_set_splunk_dest_default(sourcetype("vmware:nsx:vsphere:syslog"), index("main"), template("t_JSON_5424"), source("program:${PROGRAM}"));
+            r_set_splunk_dest_default(sourcetype("vmware:nsx:vsphere:syslog"), index("main"), source("program:${PROGRAM}"));
             set("$(template ${.splunk.sc4s_template} $(template t_JSON_5424))" value("MSG"));
         };
         parser {
@@ -34,7 +34,7 @@ log {
         rewrite {
             set("${PROGRAM}", value(".PROGRAM"));
             subst('^\/(?:[^\/]+\/)+', "" , value(".PROGRAM"));
-            r_set_splunk_dest_default(sourcetype("vmware:nsx:vsphere:syslog"), index("main"), template("t_legacy_hdr_msg"), source("program:${.PROGRAM}"));
+            r_set_splunk_dest_default(sourcetype("vmware:nsx:vsphere:syslog"), index("main"), source("program:${.PROGRAM}"));
             set("$(template ${.splunk.sc4s_template} $(template t_legacy_hdr_msg))" value("MSG"));
         };
         parser {
@@ -46,7 +46,7 @@ log {
         filter(f_vmware_vsphere);
 
         rewrite {
-            r_set_splunk_dest_default(sourcetype("vmware:esx:vsphere:syslog"), index("main"), template("t_JSON_5424"), source("program:${PROGRAM}"));
+            r_set_splunk_dest_default(sourcetype("vmware:esx:vsphere:syslog"), index("main"), source("program:${PROGRAM}"));
             set("$(template ${.splunk.sc4s_template} $(template t_JSON_5424))" value("MSG"));
         };
         parser {
@@ -59,7 +59,7 @@ log {
         rewrite {
             set("${PROGRAM}", value(".PROGRAM"));
             subst('^\/(?:[^\/]+\/)+', "" , value(".PROGRAM"));
-            r_set_splunk_dest_default(sourcetype("vmware:esx:vsphere:syslog"), index("main"), template("t_legacy_hdr_msg"), source("program:${.PROGRAM}"));
+            r_set_splunk_dest_default(sourcetype("vmware:esx:vsphere:syslog"), index("main"), source("program:${.PROGRAM}"));
             set("$(template ${.splunk.sc4s_template} $(template t_legacy_hdr_msg))" value("MSG"));
         };
         parser {