Solved: How can I display only certain lines in a search?

sascha · ‎12-30-2022

Hello all,

I have the problem that I can read the data only from Error: of the line to the first character {

The error can always be different

Example of my log file:

2022/12/30 13:09:38.584 ERROR: Failed to manipulate address {F1909AddressManipulation.run[179]} Thread-5618073 ... 36 lines omitted ... at glf1900.glf1909.core.validation.F1909AddressManipulation.run(F1909AddressManipulation.java:103) [GLF1909-V235_27_0003.jar:?] at glf1900.glf1909.core.F1909ValidateShipment.run(F1909ValidateShipment.java:561) [GLF1909-V235_27_0003.jar:?]

sascha · ‎12-30-2022

Hi @gcusello

index="gls_unique_doc02" GLF1909 AND ERROR

2022/12/30 13:09:38.584 ERROR: Failed to manipulate address {F1909AddressManipulation.run[179]} Thread-5618073 java.net.SocketTimeoutException: Read timed out at java.net.SocketInputStream.socketRead0(Native Method) ~[?:1.8.0_342] at java.net.SocketInputStream.socketRead(SocketInputStream.java:116) ~[?:1.8.0_342] at java.net.SocketInputStream.read(SocketInputStream.java:171) ~[?:1.8.0_342] at java.net.SocketInputStream.read(SocketInputStream.java:141) ~[?:1.8.0_342] at sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:464) ~[?:1.8.0_342] at sun.security.ssl.SSLSocketInputRecord.bytesInCompletePacket(SSLSocketInputRecord.java:68) ~[?:1.8.0_342] at sun.security.ssl.SSLSocketImpl.readApplicationRecord(SSLSocketImpl.java:1346) ~[?:1.8.0_342] at sun.security.ssl.SSLSocketImpl.access$300(SSLSocketImpl.java:73) ~[?:1.8.0_342] at sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:962) ~[?:1.8.0_342] at okio.Okio$2.read(Okio.java:139) ~[okio-1.13.0.jar:?] at okio.AsyncTimeout$2.read(AsyncTimeout.java:237) ~[okio-1.13.0.jar:?] at okio.RealBufferedSource.indexOf(RealBufferedSource.java:345) ~[okio-1.13.0.jar:?] at okio.RealBufferedSource.readUtf8LineStrict(RealBufferedSource.java:217) ~[okio-1.13.0.jar:?] at okio.RealBufferedSource.readUtf8LineStrict(RealBufferedSource.java:211) ~[okio-1.13.0.jar:?] at okhttp3.internal.http1.Http1Codec.readResponseHeaders(Http1Codec.java:189) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.CallServerInterceptor.intercept(CallServerInterceptor.java:75) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:45) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:93) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:120) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67) ~[okhttp-3.8.0.jar:?] at eu.gls.geo.inboundlogistics.invoker.auth.ApiKeyAuth.intercept(ApiKeyAuth.java:70) ~[GLDC120-V229_23_1000.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67) ~[okhttp-3.8.0.jar:?] at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:185) ~[okhttp-3.8.0.jar:?] at okhttp3.RealCall.execute(RealCall.java:69) ~[okhttp-3.8.0.jar:?] at retrofit2.OkHttpCall.execute(OkHttpCall.java:180) ~[retrofit-2.3.0.jar:?] at gl.dc.gldc000.GLDC120.getZipCodeList(GLDC120.java:57) ~[GLDC120-V229_23_1000.jar:?] at glf1900.glf1909.core.validation.F1909AddressManipulation.run(F1909AddressManipulation.java:103) [GLF1909-V235_27_0003.jar:?] at glf1900.glf1909.core.F1909ValidateShipment.run(F1909ValidateShipment.java:561) [GLF1909-V235_27_0003.jar:?] at glf1900.GLF1909.executeLogic(GLF1909.java:661) [GLF1909-V235_27_0003.jar:?] at glf1900.GLF1909.execute(GLF1909.java:543) [GLF1909-V235_27_0003.jar:?] at gls.common.GLSServerThread.execute(GLSServerThread.java:338) [GLSCom-V229_23_1000.jar:?] at gls.common.GLSServerThread.run(GLSServerThread.java:117) [GLSCom-V229_23_1000.jar:?]

View solution in original post

gcusello · ‎12-30-2022

Hi @sascha,

could you share your search and the result you'd like?

Ciao.

Giuseppe

sascha · ‎12-30-2022

Hi @gcusello

index="gls_unique_doc02" GLF1909 AND ERROR

2022/12/30 13:09:38.584 ERROR: Failed to manipulate address {F1909AddressManipulation.run[179]} Thread-5618073 java.net.SocketTimeoutException: Read timed out at java.net.SocketInputStream.socketRead0(Native Method) ~[?:1.8.0_342] at java.net.SocketInputStream.socketRead(SocketInputStream.java:116) ~[?:1.8.0_342] at java.net.SocketInputStream.read(SocketInputStream.java:171) ~[?:1.8.0_342] at java.net.SocketInputStream.read(SocketInputStream.java:141) ~[?:1.8.0_342] at sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:464) ~[?:1.8.0_342] at sun.security.ssl.SSLSocketInputRecord.bytesInCompletePacket(SSLSocketInputRecord.java:68) ~[?:1.8.0_342] at sun.security.ssl.SSLSocketImpl.readApplicationRecord(SSLSocketImpl.java:1346) ~[?:1.8.0_342] at sun.security.ssl.SSLSocketImpl.access$300(SSLSocketImpl.java:73) ~[?:1.8.0_342] at sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:962) ~[?:1.8.0_342] at okio.Okio$2.read(Okio.java:139) ~[okio-1.13.0.jar:?] at okio.AsyncTimeout$2.read(AsyncTimeout.java:237) ~[okio-1.13.0.jar:?] at okio.RealBufferedSource.indexOf(RealBufferedSource.java:345) ~[okio-1.13.0.jar:?] at okio.RealBufferedSource.readUtf8LineStrict(RealBufferedSource.java:217) ~[okio-1.13.0.jar:?] at okio.RealBufferedSource.readUtf8LineStrict(RealBufferedSource.java:211) ~[okio-1.13.0.jar:?] at okhttp3.internal.http1.Http1Codec.readResponseHeaders(Http1Codec.java:189) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.CallServerInterceptor.intercept(CallServerInterceptor.java:75) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:45) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:93) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:120) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67) ~[okhttp-3.8.0.jar:?] at eu.gls.geo.inboundlogistics.invoker.auth.ApiKeyAuth.intercept(ApiKeyAuth.java:70) ~[GLDC120-V229_23_1000.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) ~[okhttp-3.8.0.jar:?] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67) ~[okhttp-3.8.0.jar:?] at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:185) ~[okhttp-3.8.0.jar:?] at okhttp3.RealCall.execute(RealCall.java:69) ~[okhttp-3.8.0.jar:?] at retrofit2.OkHttpCall.execute(OkHttpCall.java:180) ~[retrofit-2.3.0.jar:?] at gl.dc.gldc000.GLDC120.getZipCodeList(GLDC120.java:57) ~[GLDC120-V229_23_1000.jar:?] at glf1900.glf1909.core.validation.F1909AddressManipulation.run(F1909AddressManipulation.java:103) [GLF1909-V235_27_0003.jar:?] at glf1900.glf1909.core.F1909ValidateShipment.run(F1909ValidateShipment.java:561) [GLF1909-V235_27_0003.jar:?] at glf1900.GLF1909.executeLogic(GLF1909.java:661) [GLF1909-V235_27_0003.jar:?] at glf1900.GLF1909.execute(GLF1909.java:543) [GLF1909-V235_27_0003.jar:?] at gls.common.GLSServerThread.execute(GLSServerThread.java:338) [GLSCom-V229_23_1000.jar:?] at gls.common.GLSServerThread.run(GLSServerThread.java:117) [GLSCom-V229_23_1000.jar:?]

How can I display only certain lines in a search?

subsearch

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?