Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Extract results from , seperated values

splunkpoornima
Communicator
‎10-08-2012 06:57 AM

I want to calculate the timedifference between the start and the Completion of the task which are in different lines..and also i want to create the chart for time taken for each task to complete

My logs will look like this,

Mon Sep 24 00:00:30 CDT 2012,xxx,Start

Mon Sep 24 00:00:30 CDT 2012,rrr,START

Mon Sep 24 00:00:30 CDT 2012,ttt,Stage 1 of 4 : Assign

Mon Sep 24 00:00:30 CDT 2012,rrr,COMPLETION:Succeeded

Mon Sep 24 00:00:30 CDT 2012,ttt,Stage 2 of 4 : If

Mon Sep 24 00:00:30 CDT 2012,xxx,COMPLETION : Succeeded

i want to create the chart ,having the timedifference between the start ant succeeded of XXX ..

Please help

Tags (1)
0 Karma
Reply

alacercogitatus
SplunkTrust
SplunkTrust
‎10-08-2012 07:13 AM

Transaction will help in this case. Check out the following search.

Notes: YOURSOURCETYPE = what ever you use to find those logs. action is the field name with XXX, rrr, ttt, etc.

sourcetype=YOURSOURCETYPE | transaction action startswith=START endswith=COMPLETION | timechart avg(duration) by action

Transaction reference: http://docs.splunk.com/Documentation/Splunk/5.0/SearchReference/Transaction

If this doesn't work for you please let me know instead of down voting.

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas     Cisco Live 2026 is almost here, and this ...

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Hello Splunkers,   So you searched, “what is the name of the usb key inserted by bob smith?”  Not gonna lie… ...

Automating Threat Operations and Threat Hunting with Recorded Future

    Automating Threat Operations and Threat Hunting with Recorded Future June 29, 2026 | Register   Is your ...