Re: Need a help with Query

SR · ‎01-30-2025

Below was the question for me
"I need a running report to be exported, with the number of errors on each of the services in the last 7 days then it has to show a graph for each week"

i would need a query to search for this Serivce "Per****ng.N**s.Platform.Host"
Index="Nex"
where i would need data for Information, Error, Debug, Warnings.

Please help me with this

SR · ‎01-30-2025

Apologies i am pretty New to Splunk and i still learning and going through tutorials
just got till the below but no results yet

Index="Nex" Application="Pe***g.Ne**s.Platform.Host"| Search

inventsekar · ‎01-30-2025

Hi @SR .. may i know if you get results for the first search.. if no, pls understand that Application= may be service= or something else(depends on your logs).

if your search fails, then pls check the search below:

do you get results for 
index="Nex" Application="Pe***g.Ne**s.Platform.Host"

OR the better do this search
index="Nex" "Pe***g.Ne**s.Platform.Host"

maybe pls send me a direct msg here in my profile, i can try to help you further. thanks.

thanks and best regards,
Sekar

PS - If this or any post helped you in any way, pls consider upvoting, thanks for reading !

ITWhisperer · ‎01-30-2025

Asterisks are wild cards - are you really using wildcards or are you just obfuscating your search for the purposes of posting here?

It would also be very helpful if you could share some sample raw events, anonymised appropriately; please share them in a code block using the </> button to create an area to place them in so that formatting is preserved

ITWhisperer · ‎01-30-2025

What have you tried so far?

Need a help with Query

count

eval

fields

stats

Splunk Enterprise Security: Your Command Center for PCI DSS Compliance

Developer Spotlight with Guilhem Marchand

Cisco Catalyst Center Meets Splunk ITSI: From 'Payments Are Down' to Root Cause in ...

Join the Conversation