Skip to content

Commit

Permalink
fix: cp_splunk noice control (#1413)
Browse files Browse the repository at this point in the history
  • Loading branch information
Ryan Faircloth authored Jan 30, 2022
1 parent 2e044ba commit 36420c1
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ block parser app-postfilter-checkpoint_splunk_01-partials() {

application app-postfilter-checkpoint_splunk_01-partials[sc4s-postfilter] {
filter {
"fields.sc4s_vendor_product" eq "checkpoint_splunk"
"${fields.sc4s_vendor_product}" eq "checkpoint_splunk"
and "`SC4S_LISTEN_CHECKPOINT_SPLUNK_NOISE_INCOMPLETE_EVENTS`" eq "yes"
and "${.values.loguid}" ne ""
and "${.values.bytes}" eq ""
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,9 @@ block parser app-postfilter-checkpoint_splunk_02-group() {

application app-postfilter-checkpoint_splunk_02-group[sc4s-postfilter] {
filter {
"fields.sc4s_vendor_product" eq "checkpoint_splunk"
"${fields.sc4s_vendor_product}" eq "checkpoint_splunk"
and "`SC4S_LISTEN_CHECKPOINT_SPLUNK_NOISE_CONTROL`" eq "yes"
and "${.values.loguid}" ne ""
and "${.values.loguid}" ne "";
};
parser { app-postfilter-checkpoint_splunk_02-group(); };
};

0 comments on commit 36420c1

Please sign in to comment.