Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About akonduru
akonduru
New Member
Member since:
11-24-2014
06-05-2020
Community Statistics
| Posts | 11 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 11-24-2014 |
Activity Feed
- Posted Re: How to search by variable created within a join query? on Splunk Search. 03-11-2016 03:39 PM
- Posted Re: How to search by variable created within a join query? on Splunk Search. 03-11-2016 12:29 PM
- Posted How to search by variable created within a join query? on Splunk Search. 03-11-2016 05:53 AM
- Tagged How to search by variable created within a join query? on Splunk Search. 03-11-2016 05:53 AM
- Posted Re: How to use Eval to find all matching errors and display result count by error on Security. 03-10-2016 05:51 PM
- Posted Re: How to use Eval to find all matching errors and display result count by error on Security. 03-10-2016 02:05 PM
- Posted Re: How to use Eval to find all matching errors and display result count by error on Security. 03-10-2016 01:47 PM
- Posted Re: How to use Eval to find all matching errors and display result count by error on Security. 03-10-2016 01:40 PM
- Posted Re: How to use Eval to find all matching errors and display result count by error on Security. 03-10-2016 10:44 AM
- Posted Re: How to use Eval to find all matching errors and display result count by error on Security. 03-10-2016 06:48 AM
- Posted How to use Eval to find all matching errors and display result count by error on Security. 03-09-2016 09:57 PM
- Tagged How to use Eval to find all matching errors and display result count by error on Security. 03-09-2016 09:57 PM
- Posted How to build a dashboard to visualize number of GET, PUT, POST calls of a REST API application on Dashboards & Visualizations. 11-24-2014 03:19 PM
- Tagged How to build a dashboard to visualize number of GET, PUT, POST calls of a REST API application on Dashboards & Visualizations. 11-24-2014 03:19 PM
- Tagged How to build a dashboard to visualize number of GET, PUT, POST calls of a REST API application on Dashboards & Visualizations. 11-24-2014 03:19 PM
- Tagged How to build a dashboard to visualize number of GET, PUT, POST calls of a REST API application on Dashboards & Visualizations. 11-24-2014 03:19 PM
- Tagged How to build a dashboard to visualize number of GET, PUT, POST calls of a REST API application on Dashboards & Visualizations. 11-24-2014 03:19 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 |
03-11-2016
03:39 PM
yes, it match except the constant part which is why i am doing substring to take off Constant part.
... View more
03-11-2016
12:29 PM
No, It is not same. length varies. But fieldinterestedin always start wit constant like "ABCD23423fsdfsd" where ABCD is constant.
... View more
03-11-2016
05:53 AM
I want join/combine two searches by their common value to compare transaction success/failure rate at both places. i tried something below, but unable to search by evaluated result
Step1: Extract substring from second log as this value exactly doesn't match within first log.
index=indexoffirstlog sourcetype="secondlog" eval length=len(fieldinterestedin) | eval transaction_id=substr(fieldinterestedin, 6, length)
Step2: Search results within first log where result contain transaction_id (Not Joined yet, just checking first log query alone)
index=indexoffsfirstlog sourcetype="firstlog" matchstringoffirstlog
Step3: Now join both searches and search by transaction_id
index=indexoffirstlog AND index=indexofsecondlog sourcetype="secondlog" matchstringoffirstlog | eval length=len(fieldinterestedin) | eval result=substr(fieldinterestedin, 6, length) | search result
But i am not getting any results. appreciate any advice.
... View more
- Tags:
- splunk-enterprise
03-10-2016
02:05 PM
No, error_message is blank. Only _raw displays text of stack trace where error1 is part of huge stack trace.
... View more
03-10-2016
01:47 PM
I tried below, which found some X number of events but below it displayed "no results found", so stats is not working?
index=test "common_error" | rex field=_raw "error1 (?.*)" | stats count by error_message
... View more
03-10-2016
01:40 PM
Here, error_message needs to be replaced with "error1"/"error2"/"error3" ? in that case where we are defining error_message which is used for ordering.
Basically, all my errors are part of raw which is not mapped to any field.
How the query will look like for the following scenario?
OrderserviceImpl Exception: Workflow Exception ---> FileNotFoundException: ERR_234: File not found for cust_abc
OrderserviceImpl Exception: Workflow Exception ---> CustomerNotFoundException: ERR_453: Customer not found for cust_123
OrderserviceImpl Exception: Workflow Exception ---> InvalidInputException: ERR_443: Invalid Input
In the above error, "OrderserviceImpl" is common for all errors and remaining like "FileNotFoundException: ERR_234" varies.. i want to display count for each error message.
Thanks for helping with my questions.
... View more
03-10-2016
10:44 AM
The error i am getting is
Error in 'eval' command: The expression is malformed.
The search job has failed due to an error. You may be able view the job in the Job Inspector.
... View more
03-10-2016
06:48 AM
Events looks like below. I want to display report/Dash borad with all these erro1-4 in a report or dashborad and any new error should be displayed as new.. For now i am looking for count of all known errors.
16:30:24,115|Service:call common_error failed with an error error1
16:33:01,115|Service:call common_error failed with an error error2
13:30:08,115|Service:call common_error failed with an error error3
23:30:05,115|Service:call common_error failed with an error error4
... View more
03-09-2016
09:57 PM
I tried below, but getting an error. It works if i limit the error to single message error1.
Here i dont have filed for error, so defining new variable test_msg and trying to match for any of the 3 messages..
index=test "common_error" | eval test_msg="error1" "error2" "error3" | stats count by test_msg
... View more
- Tags:
- splunk-enterprise
11-24-2014
03:19 PM
How to build a dashboard to visualize number of GET, PUT, POST calls of a REST API application from an application log file as source.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-05-2020
02:04 AM
|
