#Random
This is a place to discuss all things outside of Splunk, its products, and its use cases.
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Reading internal json field and finding the total count in last 1 hr

muralip543
Loves-to-Learn Lots
‎12-28-2020 12:11 AM

Hi Team,

The below is my json object, i want to read error object's sub field exception_type and should display the count in the last 1 hour in table format if exception_type="Application Exception"   

 

Please suggest me the splunk query i am very new to splunk.

 

Thank you so much in advance.

{
"class_name": "com.verizon.vsib.addressval.services.CameoClient",
"VSAD_ID": "GYEV",
"True_ip": "10.118.142.156",
"log_message": "Missing Company Code",
"server_port": "443",
"error": {
"exception_type": "Application Exception",
"exception_code": "P0106",
"exception_details": "Missing Company Code"
},
"user_agent": "PostmanRuntime/7.25.0",
"@timestamp": "2020-12-24T05:41:18.181Z",
"log_time_stamp": 1608788478110,
"status_code": 500,
"api_url": "https://vsib-dev.ebiz.verizon.com/addressValidation/validateAddress?null",
"log_level": "info",
"server_host": "10.118.143.141",
"app_environment": "dev",
"@version": "1",
"requestId": "TestSplunk-17",
"vast_id": 25439,
"log_date": "",
"logger_class": "com.verizon.vsib.addressval.services.CameoClient",
"time": 1608788478.181,
"app_name": "VSIB",
"function_name": "pushApplicationError"
}

Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

  🚀 Your data just got a serious AI upgrade — are you ready? Say hello to the Agentic Era with the ...

Feel the Splunk Love: Real Stories from Real Customers

Hello Splunk Community,    What’s the best part of hearing how our customers use Splunk? Easy: the positive ...

Data Management Digest – November 2025

  Welcome to the inaugural edition of Data Management Digest! As your trusted partner in data innovation, the ...