I have UFs (managed by a DS) on Windows endpoints sending winevents to a HF.
The HF receives the events and then sends everything to the indexers cooked and simultaneously sends uncooked data to a 3rd party application.
I have been asked to create some line breaks in the (uncooked events) via the HF before sending to the 3rd party app.
Please advise how I might accomplish this.
I am thinking about adding a Line_Breaker attribute but am not sure where I could place it.
The 3rd party application needs event breaks, and I am thinking that this cannot be done if sending uncooked data to the 3rd party application because uncooked would remove any / all props and transforms.
I don't think this is possible but looking for confirmation one way or the other.
Thank you
↧