×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
gundepalli
Explorer
Member since: ‎05-17-2012
‎06-05-2020
Community Statistics
Posts 5
Solutions 0
Karma Given 0
Karma Received 2
Member Since ‎05-17-2012
Activity Feed
View All

Re: Splunk for F5 BIG-IP LTM logging

by in All Apps and Add-ons
‎12-02-2014 07:45 AM
‎12-02-2014 07:45 AM
Any update on this?,any update on this? ... View more

Re: [indexer] Streamed search execute failed becau...

by in Splunk Search
‎04-28-2014 12:27 PM
‎04-28-2014 12:27 PM
I tried the solution of deleting the bundles and reattaching the indexer to search head. it worked but the error seem to be happening again. Is there a permanent solution to the problem. Poorna ... View more

Re: search for a sequence of events in a transacti...

by in Splunk Search
‎01-10-2014 11:55 AM
‎01-10-2014 11:55 AM
I would like to see all the events in the transaction that has event B as the last event and the one preceding it as event A. the above search wouldonly have transactions with event A and B which is not what i want. ... View more

Re: search for a sequence of events in a transacti...

by in Splunk Search
‎01-10-2014 11:40 AM
‎01-10-2014 11:40 AM
yes, Event B always follows event A. They are consecutive events. Event A and Event B are the only once i care about in the transaction and need to pull just those transactions. ... View more

search for a sequence of events in a transaction

by in Splunk Search
‎01-10-2014 11:28 AM
2 Karma
‎01-10-2014 11:28 AM
2 Karma
I have a log file that I am grouping the events using transaction command based on session ID. Within each transaction i need to find two events (event A and event B)that occur in a sequence and the second event being the last event in the transaction. I need only transactions that have event A. Here is what I have so far: index=xyz | transaction sessionid endswith="event B" | search "event A" . The above query pulls all transactions that surely have "event A" and ends with "event B". But how do i pull only events that have "event A" followed by "event B" , event B being the last event in the transaction. Help appreciated. Thanks in advance ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma from
View All