cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
knarinen3
New Member
Member since: ‎12-05-2019
‎06-05-2020
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎12-05-2019
Activity Feed
Topics I've Started
View All

Re: Multistep transaction using stats

by in Splunk Search
‎12-05-2019 04:48 AM
‎12-05-2019 04:48 AM
hi, the data provided was in stats format. the raw data is like this: {"container_name":"/beconsumer_KafkaConsumer.1.irz785be5dhsco32lqqtu51bh","source":"stdout","log":"2019-12-03 18:05:00 INFO EventLogger:%_ - Topic: cctiBusinessEvents-Nft01X, Key: 5q9ptD2QRZGkIrv1hPD3Mg, transactionTraceIdentification=ade1c48f-b51f-4b5c-8f17-ae1adcba15f4, paymentProduct=DEPFUND, entityId=f8b15f9d-44e8-48d2-b74b-a6c10c14682a, amount=1, eventCode=customerCreditTransferInitiationCompleted, channel=retail, Offset=226816, currency=DKK, businessEventId=POM-CustomerCreditTransferInitiationV07-2-1782729, instructionReceiptIdentification=PMTDKRG1239297, Partition=1, dateTime=2019-12-03T13:15:04.283Z","container_id":"0172589e4fab1e910305476a8090b66a0d0e5ce6fd8e076e99d51f333d9c45c4"} {"source":"stdout","log":"2019-12-03 18:05:00 INFO EventLogger:%_ - Topic: cctiBusinessEvents-Nft01X, Key: 5q9ptD2QRZGkIrv1hPD3Mg, entityId=f8b15f9d-44e8-48d2-b74b-a6c10c14682a, eventCode=customerCreditTransferSettled, channel=retail, Offset=226815, businessEventId=POM-CustomerCreditTransferInitiationV07-2-1782726, instructionReceiptIdentification=65052\"}, Partition=1, dateTime=2019-12-03T13:15:04.275Z","container_id":"0172589e4fab1e910305476a8090b66a0d0e5ce6fd8e076e99d51f333d9c45c4","container_name":"/beconsumer_KafkaConsumer.1.irz785be5dhsco32lqqtu51bh"} {"container_id":"0172589e4fab1e910305476a8090b66a0d0e5ce6fd8e076e99d51f333d9c45c4","container_name":"/beconsumer_KafkaConsumer.1.irz785be5dhsco32lqqtu51bh","source":"stdout","log":"2019-12-03 18:05:00 INFO EventLogger:%_ - Topic: cctiBusinessEvents-Nft01X, Key: 5q9ptD2QRZGkIrv1hPD3Mg, entityId=f8b15f9d-44e8-48d2-b74b-a6c10c14682a, eventCode=customerCreditTransferInitiationProcessed, channel=retail, Offset=226813, businessEventId=POM-CustomerCreditTransferInitiationV07-2-1782725, instructionReceiptIdentification=65052\"}, Partition=1, dateTime=2019-12-03T13:15:03.820Z"} {"container_name":"/beconsumer_KafkaConsumer.1.irz785be5dhsco32lqqtu51bh","source":"stdout","log":"2019-12-03 18:05:00 INFO EventLogger:%_ - Topic: cctiBusinessEvents-Nft01X, Key: 5q9ptD2QRZGkIrv1hPD3Mg, transactionTraceIdentification=ade1c48f-b51f-4b5c-8f17-ae1adcba15f4, paymentProduct=DEPFUND, entityId=f8b15f9d-44e8-48d2-b74b-a6c10c14682a, amount=1, eventCode=customerCreditTransferInitiationReceived, channel=retail, Offset=226812, currency=DKK, businessEventId=POM-CustomerCreditTransferInitiationV07-2-1782709, instructionReceiptIdentification=PMTDKRG1239297, Partition=1, dateTime=2019-12-03T13:15:03.764Z","container_id":"0172589e4fab1e910305476a8090b66a0d0e5ce6fd8e076e99d51f333d9c45c4"} and query I use to format it: search query | rex "Topic:\s+(?.?),\s+Key:\s+(?.?)," | rex "entityId=(?\S+?)," | rex "eventCode=(?\S+?)," | rex "Partition=(?\S+?)" | rex "dateTime=(?\S+?)\"" |stats values(topic) as Topic values(entityId) as EntityId list(eventCode) as EventCode list(dateTime) as timestamp by key ... View more

Multistep transaction using stats

by in Splunk Search
‎12-05-2019 02:41 AM
‎12-05-2019 02:41 AM
Hi, I have following stats table key EventCode timestamp 5q9ptD2QRZGkIrv1hPD3Mg customerCreditTransferInitiationCompleted 2019-12-03T13:15:04.283Z customerCreditTransferSettled 2019-12-03T13:15:04.275Z customerCreditTransferInitiationProcessed 2019-12-03T13:15:03.820Z customerCreditTransferInitiationReceived 2019-12-03T13:15:03.764Z I would like to measure duration of each step. any ideas how to do it? ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM