Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Highlighted

XML parsing with condition

indianhans
Engager
‎12-20-2014 04:52 AM

Hi

I am novice to splunk and need help in writing a splunk query in order to find Order ID (ORD********)

Sample XML

0 Karma
Reply
Highlighted

Re: XML parsing with condition

fdi01
Motivator
‎12-20-2014 08:46 AM

run in bar search the following search:
index=yourindexname

or
index=yourindexname source=yoursourcename sourcetype=yoursourcetypename

index=yourindexname source=yoursourcename sourcetype=yoursourcetypename|....yourcondictionssearch
exple:
index=youindex host=youhost "Error" | chart count sparkline(count, 1h) as trend by host | sort -count

0 Karma
Reply
Highlighted

Re: XML parsing with condition

martin_mueller
SplunkTrust
SplunkTrust
‎12-21-2014 08:59 AM

Is this even related to the question?

0 Karma
Reply
Highlighted

Re: XML parsing with condition

martin_mueller
SplunkTrust
SplunkTrust
‎12-21-2014 08:59 AM

I can't see your sample data.

0 Karma
Reply