Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About tamnor
tamnor
Explorer
Member since:
11-27-2012
06-05-2020
Community Statistics
| Posts | 8 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 1 |
| Member Since | 11-27-2012 |
Activity Feed
- Got Karma for Large number of regular expressions in search field. 06-05-2020 12:46 AM
- Posted Group by responseCode on Splunk Search. 03-05-2013 05:10 PM
- Tagged Group by responseCode on Splunk Search. 03-05-2013 05:10 PM
- Posted Re: Is it possible to have a secondary Axis on a line graph in Splunk? on Dashboards & Visualizations. 01-22-2013 12:49 PM
- Posted Re: Is it possible to have a secondary Axis on a line graph in Splunk? on Dashboards & Visualizations. 01-17-2013 04:59 PM
- Posted Is it possible to have a secondary Axis on a line graph in Splunk? on Dashboards & Visualizations. 01-15-2013 12:37 PM
- Tagged Is it possible to have a secondary Axis on a line graph in Splunk? on Dashboards & Visualizations. 01-15-2013 12:37 PM
- Tagged Is it possible to have a secondary Axis on a line graph in Splunk? on Dashboards & Visualizations. 01-15-2013 12:37 PM
- Posted Re: Large number of regular expressions in search field on Splunk Search. 01-15-2013 12:25 PM
- Posted Large number of regular expressions in search field on Splunk Search. 12-17-2012 04:58 PM
- Tagged Large number of regular expressions in search field on Splunk Search. 12-17-2012 04:58 PM
- Posted Re: Aggregating uri_paths with unique value on Getting Data In. 11-27-2012 03:30 PM
- Posted Aggregating uri_paths with unique value on Getting Data In. 11-27-2012 01:04 PM
- Tagged Aggregating uri_paths with unique value on Getting Data In. 11-27-2012 01:04 PM
- Tagged Aggregating uri_paths with unique value on Getting Data In. 11-27-2012 01:04 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 1 | |||
| 0 |
03-05-2013
05:10 PM
Hi I have the following query that creates a report of the major transactions for a website with their count and average response time. I would like to seperate the count column into number requests that succeeded and requests that failed for each request type, i.e so divide this count column into requests with response code 200 and requests with response code of anything other than 200.
index=vero_anzn_prod approveRiskRequest OR finalizeQuote OR premiumGrid OR approveRiskAccept OR illustration OR archiveRisks OR premiumInstallments OR add OR recalculateRates OR cancelPolicy OR completeScenario OR search OR save OR getPDF NOT (uri=.js OR uri=.png OR uri=.css OR uri=.gif OR uri=.ico OR uri=.jpg)
| rex field=uri_path mode=sed "s/quote\/[0-9]+/quote\/QUOTENO/"
.
.
.
| rex field=uri_path mode=sed "s/referralHistory\/.*\//referralHistory\/REFHSEARCH\//"
| eval Request=uri_path.method
| stats count avg(responseTime) BY Request
I realize I could add responseCode to the BY part of the query but this doesn't give me exactly what I want.
Thanks.
Tam.
... View more
- Tags:
- groupby
01-22-2013
12:49 PM
Thanks Jonuwz.
... View more
01-17-2013
04:59 PM
So how do I set up Splunk so that it uses FlashChart? When I edit the dashboard the xml for the chart looks like below. So I assume it is using JSChart. I have been searching through the documentation but can't find an answer.
<?xml version='1.0' encoding='utf-8'?>
Arena Prod
tamArenaRequestResponseTimes
tamArenaRequestResponseTimes
line
<option ...
... View more
01-15-2013
12:37 PM
Hi all,
I am using Splunk to generate a graph of http request vs response times to determne which requests have the highest average response time. I also want to include the count value for each http request so that the graph shows for each request, it's average response time and the number of instances of this request e.g request /****/customer/claimDetails.html had an average response time of 1164.60ms and there were 10 instances of this request sent in a given time period.
Is it possible for me to include the count value on a secondary vertical axis? Because the responseTime is in ms and the count is normally relatively small numbers the graph is not very readable if these are on the same axis.
It doesn't look like this is possible in Splunk, at least it isn't obvious. My other option is to export the data to excell and create the graph in there.
Thanks.
Tam.
... View more
- Tags:
- graphs
- visualization
01-15-2013
12:25 PM
Hi. Thanks for the responses. This is no longer a problem as the indexing was changed so that the uri_path is an extracted field so I can group by this rather than the full url with all the dynamic values. There are still some dynamic values in the uri_path but not that many so my queries aren't too long.
... View more
12-17-2012
04:58 PM
1 Karma
Hi
I am a new Splunk user and at the moment I am using it to monitor the performance of the web applications of the insurance company that I work for. I want to be able to generate a report that shows the average response time against each web request as well as the number of instances of that request that were submitted for a given time period. A large number of the web requests have dynamic values in them for customer id, policy number, claim id, repair booking etc. I am using regular expressions to filter out the unique info and group the request together. So at the moment I have a search that looks like the following ..
index=arena_repairs_prod responseTime>5000 lodge | rex field=uri_path mode=sed "s/repair\/summary.html\?repairId=[0-9]+/repair\/summary.html?repairId=/" | rex field=uri_path mode=sed ....
So I just keep repeating the regular expressions one after the other in the search field. I can see that my search is going to become quite large.
Is this the best way to create a search like this, or is there someone of saving each of the regular expressions and just referring to them by a variable name?
Any advice would be much appreciated.
... View more
- Tags:
- regex
11-27-2012
03:30 PM
Thanks jonuwz for the quick response. That works perfectly. Cheers.
... View more
11-27-2012
01:04 PM
Hi all
I am using Splunk to gather info on usage and performance of various web applications . I am interested to know how many times certain http transactions are performed over a timeframe and what the average, min and max response times are for each transaction. I can run a query like ..
index=arena_repairs_uat | stats count avg(responseTime) BY uri_path
and this gives me a pretty good report aggregating all the different types of http request with the number of times it was sent and the average response time.
However some of the http requests have a dynamic unique repair id value in them such as ...
/arena/repair/motor/12434/addNewQuoteForEachRepairer.ajax
I want to tell the search to ignore the unique repair id and treat these as the same type of request. With the above request it treats these as separate request types.
I know I can do a search like ..
index=arena_repairs_uat uri_path="/arena/repair/motor/*/addNewQuoteForEachRepairer.ajax"
to group all these requests together in a single search but I need to incorporate this in the initial search that gets info on all request types and their count and average response times.
Any help would be much appreciated.
... View more
