22 lines
4.7 KiB
22 lines
4.7 KiB
9 months ago
# Version
# Changes to default files will be lost on update and are difficult to
# manage and support.
# Please make any changes to system defaults by overriding them in
# apps or $SPLUNK_HOME/etc/system/local
# (See "Configuration file precedence" in the web documentation).
# To override a specific setting, copy the name of the stanza and
# setting to the file where you wish to override it.
# This file configures event discovery through the search command
# "typelearner."
ignored_keywords = sun, mon, tue, tues, wed, thu, thurs, fri, sat, sunday, monday, tuesday, wednesday, thursday, friday, saturday, jan, feb, mar, apr, may, jun, jul, aug, sep, oct, nov, dec, january, february, march, april, may, june, july, august, september, october, november, december, 2003, 2004, 2005, 2006, am, pm, ut, utc, gmt, cet, cest, cetdst, met, mest, metdst, mez, mesz, eet, eest, eetdst, wet, west, wetdst, msk, msd, ist, jst, kst, hkt, ast, adt, est, edt, cst, cdt, mst, mdt, pst, pdt, cast, cadt, east, eadt, wast, wadt, about, after, again, against, all, almost, already, also, although, always, among, an, and, any, anyone, are, as, at, away, be, became, because, become, becomes, been, before, being, between, both, but, by, came, could, does, during, each, either, else, ever, every, following, for, from, further, gave, gets, give, given, giving, gone, got, had, has, have, having, here, how, however, if, in, into, is, it, itself, just, keep, kept, like, made, make, many, might, more, most, much, must, neither, nor, noted, now, of, often, on, only, or, other, our, out, owing, perhaps, please, quite, rather, really, regarding, said, same, seem, seen, several, shall, should, show, showed, shown, shows, similar, since, so, some, sometime, somewhat, soon, such, than, that, the, their, theirs, them, then, there, therefore, these, they, this, those, though, through, throughout, to, too, toward, under, unless, until, upon, use, used, usefulness, using, various, very, was, we, were, what, when, where, whether, which, while, who, whose, why, will, with, within, without, would, yet, net, org, com, edu, co
ignored_fields = daysago, enddaysago, endhoursago, endminutesago, endmonthsago, endtime, endtimeeu, hoursago, minutesago, monthsago, searchtimespandays, searchtimespanhours, searchtimespanminutes, searchtimespanmonths, startdaysago, starthoursago, startminutesago, startmonthsago, starttime, starttimeeu, timeformat, maxresults, readlevel, readlimit, related, date_year, date_month, date_mday, date_wday, date_hour, date_minute, date_second, date_zone
important_keywords = abort, abstract, accept, access, account, acl, activ, add, address, admin, age, agent, aix, alarm, alert, algorithm, allow, anon, answer, apache, api, app, asp, auth, auto, avg, bea, begin, bgroup, bin, block, bridge, browse, buffer, build, busy, bye, byte, cache, calc, cancel, cannot, caught, caused, cert, cgi, channel, check, child, class, client, clos, code, set, command, common, complet, component, config, connect, content, control, cookie, couldn, count, cpu, creat, crond, current, custom, data, date, db, debug, default, defer, delet, den, deploy, detect, dhcp, dial, didn, dir, dis, doc, done, element, enabl, end, engine, enter, err, escalat, estimat, except, exec, exit, express, ext, fail, fatal, feed, field, file, finish, flag, flush, function, get, group, halt, handl, hang, head, heap, history, home, host, http, ignor, iis, index, info, init, inner, insert, inside, inst, intern, invit, ip, isolate, java, jdbc, jini, jmx, jndi, jni, join, kernel, key, lang, last, ldap, left, level, library, licens, limit, listen, load, locat, lock, log, manag, maps, max, memory, message, meta, method, min, mod, mode, model, monitor, mozilla, mysqld, name, nameserverimp, nest, no, note, notice, ntauthenticationproviders, null, number, object, ok, open, operat, opportunit, option, oracle, orb, order, pam, parse, password, peer, php, physical, pid, pipeline, pool, port, ports, post, power, ppid, pri, process, product, program, public, put, pwd, query, queu, quit, read, receiv, recover, recv, refer, reflect, regist, reject, remov, replac, reply, request, result, rmi, root, run, schedul, script, search, secur, select, send, sent, serial, servic, serv, set, sever, signa, signa, single, sip, size, smtp, snmpd, soap, source, space, specif, sql, ssh, ssi, ssl, stack, stage, stale, start, statist, status, stop, stor, subject, success, support, swap, sys, table, task, tcp, test, text, themes, thread, time, timeout, tmp, top, total, trace, trade, transaction, tri, try, type, unable, unknown, update, uri, url, user, util, valid, value, var, verbose, version, virtual, wait, warn, watch, web, work, workstation, writ, write, xar, xml