Hi, How can I extract pattern of raw data like pattern tab in splunk search?
Thanks
normally sourcetype is defined in inputs. and it should auto populate in search.
would you please describe more?
You can save the patterns as eventtypes and then use these eventtype in your searches e.g.
eventtype="saved_event_type"
but these are just short cuts / macros for what you would put in your initial search, they are not rex patterns (for example).
sourcetype not important. I just have index="myindex"
need to get output like mention in screenshot.
Any idea?
Thanks,
Do you mean you want the algorithm splunk uses to determine what patterns exist in the data and what percent of the events match those patterns?
Exactly need to use this in search app.
