Solved: Re: ping test using batch file

raghu_vaidya · ‎07-23-2012

Hi,
I have a windows batch file (.bat) which reads a text (servers.txt) file (this file contains Host names) and produces the output of the ping test. Currently, I have 3 hosts mentioned in the servers.txt file and the output of the ping results which is displayed within Splunk is as below: My requirement is I want to group all the SUCCESS and FAILED hosts, how can I group it? Also, is there a way to colorize the text SUCCESS in green and FAILED text in RED color.

HostName=Host8842, IPAddress=10.10.10.10, Status=SUCCESS
HostName=Host9802, Status=FAILED
HostName=Host41692, IPAddress=11.11.11.11, Status=SUCCESS
host=SuperHost8366 | sourcetype=pingpoc | source=E:\Program Files\Splunk\bin\scripts\pingtest.bat

MarioM · ‎07-23-2012

You need first to line break each line as one event,ie you need to have the following in your props.conf for your sourcetype:

[pingpoc]
SHOULD_LINEMERGE=false

View solution in original post

MarioM · ‎07-23-2012

You need first to line break each line as one event,ie you need to have the following in your props.conf for your sourcetype:

[pingpoc]
SHOULD_LINEMERGE=false

raghu_vaidya · ‎07-23-2012

I added following to props.conf and it started working
[pingpoc]
SHOULD_LINEMERGE=true
BREAK_ONLY_BEFORE = HostName=

Thanks!!

r34220 · ‎01-03-2017

@raghu_vaidya could you share your script?

raghu_vaidya · ‎07-23-2012

EDIT : The fields I get is host, sourcetype and source and as part of the Interesting fields I can see HostName but the count is 1, which always is Host8842, and Status interesting field contains always the value of SUCCESS.
Please let me know how can I use the search app to group the above text by Status.

ping test using batch file

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor