Hi All,

I have the logs below and need to get an HTTP status code count.

10.176.242.7 - app [21/May/2020:16:09:01 +0000] "GET /data/app1/2016-11-04/2582478/0CA087DB-8F72-4E5D-9F9C-F4E0C362601F.pdf.zip HTTP/1.1" 200 95098

10.176.242.7 - app [21/May/2020:16:09:01 +0000] "GET /data/app2/2016-11-04/2582478/0CA087DB-8F72-4E5D-9F9C-F4E0C362601F.pdf.zip HTTP/1.1" 401 95098

10.176.242.7 - app [21/May/2020:16:09:01 +0000] "GET /data/app3/2016-11-04/2582478/0CA087DB-8F72-4E5D-9F9C-F4E0C362601F.pdf.zip HTTP/1.1" 404 95098

Please help me create a Splunk search.

--Raja