Splunk Search

How extract the lines as failures from logs using splunk

Hema_Nithya
Explorer

index=os source="/var/log/bitbucket" host=servera* Failed

and evaluate them as failed packages  to install. 

Failed
:

python-urllib3.noarch 0:1.10.2-3.el7
python-urllib3.noarch 0:1.10.2-7.el7
php subscription-manager-rhsm-1.24.51-1.el7_9.x86_64
subscription-manager-rhsm-1.24.52-2.el7_9.x86_64
python-syspurpose-1.24.52-2.el7_9.x86_64

Labels (3)
0 Karma

ITWhisperer
SplunkTrust
SplunkTrust

This is a bit vague - what do your events actually look like? what are you trying to achieve? what do your expected results look like?

0 Karma
Get Updates on the Splunk Community!

See just what you’ve been missing | Observability tracks at Splunk University

Looking to sharpen your observability skills so you can better understand how to collect and analyze data from ...

Weezer at .conf25? Say it ain’t so!

Hello Splunkers, The countdown to .conf25 is on-and we've just turned up the volume! We're thrilled to ...

How SC4S Makes Suricata Logs Ingestion Simple

Network security monitoring has become increasingly critical for organizations of all sizes. Splunk has ...