First off, I’m not very strong in the scripting so If Then might not even be what I need to use. I thought Splunk just searched for errors, but I’ve been told to search for this.
I have a process that spits out a log with this entry
ApprovalExecutionJob:22 - BEGIN::Processing Approval Requests
It runs ever 15 min (0,15,30,45).
It takes about 5 min and then spit out this:
ApprovalExecutionJob:37 - END::Processing Approval Requests
If it does not produce this END process notice then we need to be notified. Can this be done in Splunk?
... View more