Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

searchs that does not succeed

warmup031
Explorer
‎04-20-2020 01:20 AM

Hello,
I would like to know how to find searchs that do not succeed (no results or with errors) ?
Some users complains about the fact that searchs does not give any results, and I would like to find if there is a search to find these errors (are there any errorcode to find, or else ?)
Thank you

0 Karma
Reply

warmup031
Explorer
‎04-20-2020 07:57 AM

Hello Codebuilder,

The error would come from manual searches not from scheduler. In Dmc you talk about scheduled searches skipped ? or something else. I'm searching for manual searches in error.

Thank you

0 Karma
Reply

codebuilder
Influencer
‎04-20-2020 07:02 AM

If you have a DMC there are dashboards to show you this type of information, but from a SH you can use something like this:

index=_internal sourcetype=scheduler (status="skipped" OR status="deferred")
----
An upvote would be appreciated and Accept Solution if it helps!
0 Karma
Reply
Get Updates on the Splunk Community!

New This Month - Splunk Observability updates and improvements for faster ...

What’s New? This month, we’re delivering several enhancements across Splunk Observability Cloud for faster and ...

What's New in Splunk Cloud Platform 9.3.2411?

Hey Splunky People! We are excited to share the latest updates in Splunk Cloud Platform 9.3.2411. This release ...

Buttercup Games: Further Dashboarding Techniques (Part 6)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...