Solved: Extract fields from log message

parameshjava · ‎05-04-2017

I used AOP concept to track few methods execution time and it will print the log as follows :

Execution Time : [method Name, time] : getProfiles, 1631
Execution Time : [method Name, time] : getAddress, 1500
Execution Time : [method Name, time] : getReports, 100

Is there any way to generate table/chart for each entry in log as follows:

Method Nane | Time
getProfile |1631
getAddress |1500
getReports | 100

cpetterborg · ‎05-04-2017

Try this:

_your_search_ | rex "] : (?P<MethodName>[^,]*),\s*(?P<Time>\d*)" | table MethodName, Time

Then you can select a visualization from the Visualization tab in the interface.

View solution in original post

cpetterborg · ‎05-04-2017

Try this:

_your_search_ | rex "] : (?P<MethodName>[^,]*),\s*(?P<Time>\d*)" | table MethodName, Time

Then you can select a visualization from the Visualization tab in the interface.

parameshjava · ‎05-04-2017

Thanks a lot, its perfectly worked.

Extract fields from log message

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Casting Call: Compete in Cyber Games

Announcing Modern Navigation: A New Era of Splunk User Experience

How Edge Processor's Durable Queue Works

Join the Conversation