Splunk Dev
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to search and get error log or info log

inventor2014
New Member
‎10-16-2013 02:17 AM

if want to get error log only or info log only, how to search and get with JSON

i am not familiar with
var mySearch = "search * | head 5";

do not know whether data are in ascending or descending in date

is head 5 meaning that the latest 5 records

Tags (2)
0 Karma
Reply

alacercogitatus
SplunkTrust
SplunkTrust
‎10-16-2013 04:21 AM

Review this.

http://docs.splunk.com/Documentation/Splunk/6.0/Search/Usethesearchcommand

But to answer more completely, events are returned in latest to earliest (most recent to farthest back) order by default, and head 5 indicates you only want the first 5 events returned.

Reply

Ayn
Legend
‎10-16-2013 02:34 AM

Sounds like you really need to take the basic Splunk tutorial.

Reply
Get Updates on the Splunk Community!

Celebrating Fast Lane: 2025 Authorized Learning Partner of the Year

At .conf25, Splunk proudly recognized Fast Lane as the 2025 Authorized Learning Partner of the Year. This ...

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...