I have a csv lookup table of IP addresses that I want to execute searches on server logs with, but I'm stopped by an error code (title). It tells me the source field (IP) isn't found in the lookup t...
Hi I need to find 5 "Errors" peak points by server and sort by date here is my spl: index="myindex" err* | rex field=source "\/data\/(?<product>\w+)\/(?<date>\d+)\/(?&l...
Hi all,
I want to see the new errors after a date, per example "new errors after 1 day ago". I've created this request, which works fine for find the first occurrence of each error. But now I w...
My data looks as follows:
host col2 ---- ---- A SUCCESS A ERROR B ERROR B SUCCESS B SUCCESS C ERROR
Here is the desired output:
host Total_rows_for_this_host Errors...
I want to find number of 500 , 200 , 300 error present in the logs . I have already fields extracted for error_code
so I am doing something like this index="abc" |stats count(eval(error_code=5...
Hi Team, I have below three logs events which gets the statuscode of 200,400,500 in different logs. Need help to find the status code error rate for all the diiferent s...
Hello. We are deploying a new search head in our splunk environment. We are using windows 2019 servers as platform. The nearch head is not working. We can see these errors on the i...
Using free splunk enterprise if that helps, cannot add new apps and keep getting this error is there a way to circumvent this?
I want to add a syslog server for cisco devices but need the add on.
I see the following -
How can I find out what the deployment errors are? The interface also warns about some settings in the serverclass.conf . What can this be?