A lot of you may be using Cribl Logstream as a front end to Splunk. While Cribl has some amazing power right out of the box, occasionally you may need to do something that there is not yet a function for.
In this talk I walk through a simple function and build it step by step. We start with the absolute simplest of tasks, then proceed to incrementally build up capabilities until we have a whole usable function.
Day and Time: