Initial commit

Vagrant/resources/splunk_server/props.conf

@@ -0,0 +1,14 @@
+[source::WinEventLog:*]
+TRANSFORMS-host = wef_computername_as_host
+
+[sourcetype::powershell_transcript]
+TRANSFORMS-powershell_rename_host = powershell_rename_host
+
+[powershell_transcript]
+BREAK_ONLY_BEFORE = THISREGEXDOESNTEXIST
+DATETIME_CONFIG =
+NO_BINARY_CHECK = true
+TIME_FORMAT = %Y%m%d%H%M%S
+TIME_PREFIX = Start\stime\:\s
+category = Custom
+pulldown_type = true