×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
darrel343
Engager
Member since: ‎03-14-2012
‎06-05-2020
Community Statistics
Posts 2
Solutions 0
Karma Given 2
Karma Received 0
Member Since ‎03-14-2012
Activity Feed
View All

Re: Advanced search question, match logs entries a...

by in Splunk Search
‎05-15-2015 11:03 AM
‎05-15-2015 11:03 AM
This answer was the most helpful in showing me how to make the transaction feature work, thanks. ... View more

Advanced search question, match logs entries again...

by in Splunk Search
‎05-14-2015 10:19 AM
‎05-14-2015 10:19 AM
My log entries look like this: DATE: order=8 status=processed -many entries in between- DATE: order=8 status=completed Is there some way I can get a count of instances where "order=X processed" is found but where "order=X completed" is not found? I'm pretty new to splunk queries, and have been reading up, but this is kind of specific and I'm not even sure if it's possible, so I thought I would ask. Also, I can control the log files, so if there is a different way of separating fields or a way of logging that would make this easier, please let me know. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma given to
View All