Solved: Extract fields from log message

parameshjava · ‎05-04-2017

I used AOP concept to track few methods execution time and it will print the log as follows :

Execution Time : [method Name, time] : getProfiles, 1631
Execution Time : [method Name, time] : getAddress, 1500
Execution Time : [method Name, time] : getReports, 100

Is there any way to generate table/chart for each entry in log as follows:

Method Nane | Time
getProfile |1631
getAddress |1500
getReports | 100

cpetterborg · ‎05-04-2017

Try this:

_your_search_ | rex "] : (?P<MethodName>[^,]*),\s*(?P<Time>\d*)" | table MethodName, Time

Then you can select a visualization from the Visualization tab in the interface.

View solution in original post

cpetterborg · ‎05-04-2017

Try this:

_your_search_ | rex "] : (?P<MethodName>[^,]*),\s*(?P<Time>\d*)" | table MethodName, Time

Then you can select a visualization from the Visualization tab in the interface.

parameshjava · ‎05-04-2017

Thanks a lot, its perfectly worked.

Extract fields from log message

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future

Join the Conversation