I am able to perform a search of some logs, but I would like to see the context surrounding a specific event.
For example, I run a search for "foo" and receive many results, but I would like to see the lines immediatly preceding the line with "foo" in it.
Using a linux grep command, I could run "grep -B5 foo /var/log/messages" to find lines with "foo" in them and the 5 lines preceding it. Is there a way in Splunk to perform the same type of search?
... View more