Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- About kchongo
kchongo
New Member
Member since:
10-06-2016
06-05-2020
Community Statistics
| Posts | 8 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 10-06-2016 |
Activity Feed
- Posted Re: Why is the x-axis time range reversed in my timechart? on Splunk Search. 10-10-2016 02:20 PM
- Posted Re: Why is the x-axis time range reversed in my timechart? on Splunk Search. 10-07-2016 01:08 PM
- Posted Re: Why is the x-axis time range reversed in my timechart? on Splunk Search. 10-07-2016 09:57 AM
- Posted Re: Why is the x-axis time range reversed in my timechart? on Splunk Search. 10-07-2016 09:55 AM
- Posted Why is the x-axis time range reversed in my timechart? on Splunk Search. 10-07-2016 09:11 AM
- Tagged Why is the x-axis time range reversed in my timechart? on Splunk Search. 10-07-2016 09:11 AM
- Tagged Why is the x-axis time range reversed in my timechart? on Splunk Search. 10-07-2016 09:11 AM
- Tagged Why is the x-axis time range reversed in my timechart? on Splunk Search. 10-07-2016 09:11 AM
- Tagged Why is the x-axis time range reversed in my timechart? on Splunk Search. 10-07-2016 09:11 AM
- Posted Re: How to extract and compute fields from a MongoDB log? on Splunk Search. 10-07-2016 07:44 AM
- Posted Re: How to extract and compute fields from a MongoDB log? on Splunk Search. 10-06-2016 05:22 PM
- Posted How to extract and compute fields from a MongoDB log? on Splunk Search. 10-06-2016 02:39 PM
- Tagged How to extract and compute fields from a MongoDB log? on Splunk Search. 10-06-2016 02:39 PM
- Tagged How to extract and compute fields from a MongoDB log? on Splunk Search. 10-06-2016 02:39 PM
- Tagged How to extract and compute fields from a MongoDB log? on Splunk Search. 10-06-2016 02:39 PM
- Tagged How to extract and compute fields from a MongoDB log? on Splunk Search. 10-06-2016 02:39 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 |
10-10-2016
02:20 PM
Basically, I want to extract fields from logs that look like the below entry:
Log sample:
2016-10-06T21:22:15.285+0000 I COMMAND [conn337418] command PersoTestServiceDB.$cmd command: update { update: "Test_Stage", updates: 1000, ordered: false, shardVersion: [ Timestamp 0|0, ObjectId('000000000000000000000000') ] } keyUpdates:0 writeConflicts:0 numYields:0 reslen:232 locks:{ Global: { acquireCount: { r: 2000, w: 2000 } }, Database: { acquireCount: { w: 2000 } }, Collection: { acquireCount: { w: 1000 } }, Metadata: { acquireCount: { w: 1000 } }, oplog: { acquireCount: { w: 1000 } } } protocol:op_command 175ms
The above block is from a MongoDB log file, I am mostly interested in extracting the last field and then sort by the field with the largest value in "ms". I am trying to see how long queries take to complete on average as well as identify the long running queries from the logs. I would also like to list the long running query next to the query time when sorted. Also if the graph can chart time from left to right on the X-axis.
... View more
10-07-2016
01:08 PM
I would like to see the time taken by each query in the log, using "max" will just show the max duration for the time period, but won't chart by each query shown in the logs.
... View more
10-07-2016
09:57 AM
index=web_mongodb host=mongodb-* "protocol:op_command" NOT "sleeping" NOT "splitChunk" | rex "(?\d+)ms" | eventstats avg(query_duration) as avg_query_duration | table _time _raw query_duration avg_query_duration
... View more
10-07-2016
09:55 AM
base query | rex "(?\d+)ms" | eventstats avg(query_duration) as avg_query_duration | table _time _raw query_duration avg_query_duration
... View more
10-07-2016
09:11 AM
I am seeing this odd behavior in my timechart, for some reason the X axis is reversed with the newest events showing nearest to the Y axis. For some reason this seems to change based on the time window I choose, this only happens on windows larger than 30 mins and for smaller windows, 5mins or less. This seems to show normally with the newest event appearing on the right of the X axis.
Is this some issue with Splunk and how can this be fixed?
... View more
10-07-2016
07:44 AM
Thanks, this gives me what I am looking for. I can build more around this starting point.
I noticed that the time seems to be shown on the graph on reverse, the latest times are the one closest to the x and y intersection; should this be the other way round? How can I fix this
... View more
10-06-2016
05:22 PM
Thanks this looks good, now one more thing; how can I strip out a log entry below that is counting sleep time; its adding to the average calculation and when sorted appears at the top of the results.
2016-10-07T00:11:56.366+0000 I SHARDING [LockPinger] cluster mongodbhost1a:27019,mongodbhost1b:27019,mongodbhost1c:27022 pinged successfully at 2016-10-07T00:11:55.615+0000 by distributed lock pinger 'mongodbhost1a:27019,mongodbhost1b:27019,mongodbhost1c:27022/mongodbhost4a:27018:1469673136:466927433', sleeping for 30000ms
... View more
10-06-2016
02:39 PM
Hello,
I am new to Splunk, can you help me figure out to extract and fields from logs that look like the below
2016-10-06T21:22:15.285+0000 I COMMAND [conn337418] command PersoTestServiceDB.$cmd command: update { update: "Test_Stage", updates: 1000, ordered: false, shardVersion: [ Timestamp 0|0, ObjectId('000000000000000000000000') ] } keyUpdates:0 writeConflicts:0 numYields:0 reslen:232 locks:{ Global: { acquireCount: { r: 2000, w: 2000 } }, Database: { acquireCount: { w: 2000 } }, Collection: { acquireCount: { w: 1000 } }, Metadata: { acquireCount: { w: 1000 } }, oplog: { acquireCount: { w: 1000 } } } protocol:op_command 175ms
The above block is from a MongoDB log file, I am mostly interested in extracting the last field and then sort by the field with the largest value in "ms". I am trying to see how long queries take to complete on average as well as identify the long running queries from the logs. I would also like to list the long running query next to the query time when sorted.
Your assistance is appreciated. Thanks.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-05-2020
02:04 AM
|
