About simon9

simon9 · ‎02-23-2022

@gcusello OK, i understand. Grazie Mille for your help

simon9 · ‎02-23-2022

@gcusello you don't need to apologize, my description was not the best ! I tried the new statement, but unfortunately i still get the result, althoug just 1 logfile (Host) has entrys. Thank you for your Help!

simon9 · ‎02-23-2022

Ciao @gcusello thanks for your fast response! I tried it, but i get the data also if the entrie is just in one logfile . I need a result only, if the expression "server disconnect" is in both logfile at the same time. e.g: Logfile from "host 1" has 10 entrys "server disconnected" and logfile from "host 2" has 2 entrys "server disconnected" in the same timeperiod -> result should be 12. Logfile from "host 1" has 10 entrys "server disconnected" and Logfile from "host 2" has 0 entrys "server disconnected" in the same timeperiod -> result would be 0. Thanks, Simon

simon9 · ‎02-23-2022

Hi all, I'm a beginner working with splunk. I have 2 Logfiles with the same Name, but from 2 different Hosts. I would like to compare both file for an expression (e.g. "server disconected") and only get the result, when the same expression is in both file in the sime time-period (last 10 min.) so that i could use the select for a notification. I hope you understand what i mean🙂 Thanks, Simon

Posts	4
Solutions	0
Karma Given	3
Karma Received	0
Member Since	‎02-23-2022

Online Status	Offline
Date Last Visited	‎02-23-2022 11:56 AM

How to compare value of 2 logfiles for notificatio...

Re: Compare value of 2 logfiles for notification

Re: Compare value of 2 logfiles for notification

Re: Compare value of 2 logfiles for notification

How to compare value of 2 logfiles for notificatio...

Join the Conversation

How to compare value of 2 logfiles for notificatio...

Re: Compare value of 2 logfiles for notification

Re: Compare value of 2 logfiles for notification

Re: Compare value of 2 logfiles for notification

How to compare value of 2 logfiles for notificatio...