cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
subinj
New Member
Member since: ‎06-14-2012
‎06-05-2020
Community Statistics
Posts 5
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎06-14-2012
Activity Feed
Topics I've Started
View All

Re: categorization based on frequent text

by in Splunk Search
‎06-19-2012 09:46 PM
‎06-19-2012 09:46 PM
I was referring to the index file that would get generated when I run Splunk on the file containing the incident description. Based on the example provided, I am assuming the index file would have the following content : 5 aaaa 2 backup 4 bbbbb 3 channel 4 cluster 2 disk 3 fibre 3 luns 3 multipath where the numbers specify the number of times the string appears in the content. Was wondering if I could read this index file to obtain the strings and count, provided my assumption about the index file contents are correct. Thanks ! ... View more

Re: categorization based on frequent text

by in Splunk Search
‎06-19-2012 12:04 AM
‎06-19-2012 12:04 AM
Thanks Ayn! Yes, the first part is what i am looking for, as currently I do not know what are the possible incident categories and associated strings I should be searching for. Would it be feasible to read the index file from wherein I could identify the various strings and associated number of occurrences? ... View more

Re: categorization based on frequent text

by in Splunk Search
‎06-18-2012 11:40 PM
‎06-18-2012 11:40 PM
Right about the format - it doesn't have a common template. Thanks Lamar ! ... View more

Re: categorization based on frequent text

by in Splunk Search
‎06-14-2012 11:17 PM
‎06-14-2012 11:17 PM
Thanks for your time Lamar ! I have edited my original post to include samples of my requirement. Trust this brings in more clarity. ... View more

categorization based on frequent text

by in Splunk Search
‎06-14-2012 04:16 AM
‎06-14-2012 04:16 AM
Hi. I have an excel dump of incident tickets generated from the ticketing tool. Sample incidents' description from the report: "Target: CI-xxxx Stateless event alarm Event details: HA recovered from a total cluster failure in cluster" "Server - CI-aaaa generates Multipath Issue Fibre Channel information: Multipathing ERROR, not all luns have 4 paths" "Servers generate CI-aaaa & CI-bbbbb - Multipath issue Fibre Channel information: Multipathing ERROR, not all luns have 4 paths" "Servers generate CI-aaaa & CI-bbbbb - Multipath issue Fibre Channel information: Multipathing ERROR, not all luns have 4 paths" "[VMware vCenter - Alarm Cluster high availability error] Insufficient resources to satisfy HA failover level on cluster" "F drive is having less disk space nagios-ebs: CI-xxxx " "Low disk space alert on CI-yyyyy" "Failed backup report for 2nd April 2012 : CI-xxxx , CI-aaaa , CI-bbbbb" "Failed backup report for 3rd April 2012 : CI-xxxx , CI-aaaa , CI-bbbbb" There is no exclusive "category" field. My end objective is to perform a Trend Analysis to identify top recurring issues. I could perform a grouping by going through the description fields one by one and identifying the incident type. Desired output would be : category ---- count of occurrence HA ---- 2 Multipath ---- 3 disk space ---- 2 failed backup ---- 2 The manual grouping would not be feasible though for a list of 300+ incidents. I was wondering if Splunk could identify the common significant text from the description fields and return a similar grouping, without the need to key in search strings ? ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM