Dashboards & Visualizations

create table

swetasoneji
New Member

462 <14>1 2019-03-26T10:45:33.423222+00:00 loggregator ae04d9d7-5ec4-4acd-a954-63c2e3733691 [APP/PROC/WEB] - - 2019-03-26 10:45:33.422+0000 org{am_sp} [log_from=ReportService] [thread=http-nio-8080-exec-8 ] INFO c.j.i.s.p.providers.PrismReportProvider [user=I298611] [swagger-d83e2a40-4fad-11e9-9d7a-6bf144a5c99d] [POST /api/v1/ts/collect/range] <-- Loaded Pri Report MAS/SRS - Time Series (EMEA-NOSPLIT)/72022/2019-03-15 (took 00:00:25.864)

I would like to put "took" values in table

index=am_sp log_from=ReportService "Loaded Pri Report"

Tags (1)
0 Karma
1 Solution

lakshman239
Influencer

You would need a regex to extract it and then use it in table

index=am_sp log_from=ReportService "Loaded Pri Report"   | rex field=_raw "took(\s+(?<time_taken>[0-9:.]+))" | table _time, time_taken

https://regex101.com/r/lcAZF0/1

View solution in original post

0 Karma

lakshman239
Influencer

You would need a regex to extract it and then use it in table

index=am_sp log_from=ReportService "Loaded Pri Report"   | rex field=_raw "took(\s+(?<time_taken>[0-9:.]+))" | table _time, time_taken

https://regex101.com/r/lcAZF0/1

0 Karma

swetasoneji
New Member

How to put that in graph

0 Karma

lakshman239
Influencer

one way to get that in timechart is

 index=am_sp log_from=ReportService "Loaded Pri Report"   | rex field=_raw "took(\s+(?<time_taken>[0-9:.]+))" | timechart avg(time_taken) by host

Pls refer to the doc to change the reports/dashboards as you need.

https://docs.splunk.com/Documentation/SplunkCloud/7.2.3/SearchTutorial/Aboutsavingandsharingreports

0 Karma
Get Updates on the Splunk Community!

See just what you’ve been missing | Observability tracks at Splunk University

Looking to sharpen your observability skills so you can better understand how to collect and analyze data from ...

Weezer at .conf25? Say it ain’t so!

Hello Splunkers, The countdown to .conf25 is on-and we've just turned up the volume! We're thrilled to ...

How SC4S Makes Suricata Logs Ingestion Simple

Network security monitoring has become increasingly critical for organizations of all sizes. Splunk has ...