Hi Team,
I am new to Splunk tool. But going through vast documentation also din't help me much.
If someone can help me to know that how to achieve below out put from logs, would really be helpful.
Below raw is just one sample from logs. So i need to have as many rows as we have objectCount.
Raw Output Logs:
<135>Jul 22 01:15:42 ******.nsroot.net {"datetime":"2016-07-22T05:14:40.292Z","apiName":"XYZ","apiVersion":1,"appName":"ABC","envName":"External-ADP","planName":"LMN","planVersion":1,"timeToServeRequest":922,"bytesSent":209,"requestProtocol":"https","requestMethod":"GET",requestTimestamp : 2016-07-22T01:14:39-04:00,responseTimestamp : 2016-07-22T01:14:40-04:00,X-Content-Type-Options : nosniff","responseBody":"","latency":"Initialization=0ms : Start=6ms : 576197e8e4b0d8a5ff967ffc=1ms : 576197e8e4b0d8a5ff967fff=3ms : 56f18e6ee4b06bb8f1889f36=0ms : 1326652068303=2ms : Activity Log 5=0ms : Request=1ms : HTTP GET Operation 5=38ms : HTTP POST Operation 8=519ms : HTTP PUT Operation 2=138ms : HTTP POST Operation 5=139ms : Response=75ms"}
REQUIRED OUTPUT
APIName = XYZ
timeToServeRequest = 922
Start = 6ms
Appreciate your help and response.
... View more