I have a large log of items that come from different machines. Each machine generates some set of errors. I want to see the top 10 errors for each machine.
In my mental Splunk-pseudocode, I thought something like this:
machine="linux6.*" error="*Exception" | top (error) by machine
would produce:
linux6.1 NullPointerException 7699
linux6.1 InvalidArgumentException 7102
linux6.2 NullPointerException 909
linux6.2 InvalidArgumentException 1019
I'm really new to Splunk, please help!