I have used the rex field=msgTxt but I keep getting errors. I'm sorry but I've worked on this for hours, and nothing seems to work. I'm still pretty new to Splunk and this is not in my skill-set. Ma...
See more...
I have used the rex field=msgTxt but I keep getting errors. I'm sorry but I've worked on this for hours, and nothing seems to work. I'm still pretty new to Splunk and this is not in my skill-set. Maybe I should start over.. However, the results I'm looking for have slightly changed. The field or log that contains my results are located in msgTxt and I would like to pull both Latitude/Longitude values and the WarningMessages. The field has Latitude and Longitude listed twice. Most of the time the first set will return 0's and the log will always be in this format. The log looks like this: StandardizedAddressService SUCCEEDED - FROM: {"Address1":"63 Somewhere NW ST","Address2":null,"City":"OKLAND CITY","County":null,"State":"OK","ZipCode":"99999-1111","Latitude":97.999,"Longitude":-97.999,"IsStandardized":false,"AddressStandardizationStatus":0,"AddressStandardizationType":0} RESULT: 1 | {"AddressDetails":[{"AssociatedName":"","HouseNumber":"63","Predirection":"NW","StreetName":"Somewhere","Suffix":"ST","Postdirection":"","SuiteName":"","SuiteRange":"","City":"OKLAND CITY","CityAbbreviation":"OKLAND CITY","State":"OK","ZipCode":"99999","Zip4":"1111","County":"Oklahoma","CountyFips":"40109","CoastalCounty":0,"Latitude":97.999,"Longitude":-97.999"Fulladdress1":"63 Somewhere NW ST","Fulladdress2":"","HighRiseDefault":false}],"WarningMessages":[],"ErrorMessages":[],"GeoErrorMessages":[],"Succeeded":true,"ErrorMessage":null} I'm hoping to see the following results: Latitude Longitude Latitude Longitude WarningMessages 99.2541 -25.214 99.254 -25.214 NULL 00.0000 -00.000 99.254 -21.218 NULL 00.0000 -00.000 00.000 -00.000 Error message with something The results for all of the phrases will be different and I will be searching through1000's of logs. If it's too much work to show both set of the Latitude/Longitude values, then the second set would work. Your help is greatly appreciated.. Thanks