I was previously logging my API requests and responses as strings. So my logs would show:
Request: {"name": "Joe", "age": "4", ...}
And the entirety of {"name": "Joe", "age": "4", ...} is a string.
In order to get the information out, I had to parse the string with regexes.
I wanted to log this with Splunk fields though. So I began logging the JSON, and my logs showed:
Request:
name: Joe
age: 4
The problem is that my queries now take MUCH longer. I have to search for Request.name instead of using regexes to get the name. Does anyone know why it's taking so much longer?
... View more