Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About Khanu89
Khanu89
Explorer
Member since:
04-15-2022
4 weeks ago
Community Statistics
| Posts | 20 |
| Solutions | 0 |
| Karma Given | 4 |
| Karma Received | 1 |
| Member Since | 04-15-2022 |
Activity Feed
- Posted Re: How to create table from JSON? on Splunk Search. 05-19-2022 10:36 PM
- Posted Re: How to create table from JSON? on Splunk Search. 05-19-2022 10:32 PM
- Posted Re: How to create table from JSON? on Splunk Search. 05-19-2022 10:26 PM
- Posted Re: How to create table from JSON? on Splunk Search. 05-19-2022 10:15 PM
- Posted How to create table from JSON? on Splunk Search. 05-19-2022 08:11 PM
- Karma Re: HTTP error table for VatsalJagani. 05-10-2022 06:53 AM
- Posted Re: HTTP error table on Dashboards & Visualizations. 05-09-2022 10:16 PM
- Tagged Re: HTTP error table on Dashboards & Visualizations. 05-09-2022 10:16 PM
- Posted Creating a table, but it shows 3 column error msg? on Dashboards & Visualizations. 05-09-2022 06:56 PM
- Posted Re: Dynamic Dropdown percentage on Dashboards & Visualizations. 04-29-2022 07:46 PM
- Posted Re: Dynamic Dropdown percentage on Dashboards & Visualizations. 04-29-2022 07:16 AM
- Posted How to change Dynamic Dropdown percentage and color? on Dashboards & Visualizations. 04-28-2022 08:45 PM
- Karma Re: Pull in client/server errors into table format for VatsalJagani. 04-26-2022 11:10 AM
- Posted Re: Pull in client/server errors into table format on Splunk Search. 04-26-2022 09:24 AM
- Posted Re: Pull in client/server errors into table format on Splunk Search. 04-26-2022 07:10 AM
- Tagged Re: Pull in client/server errors into table format on Splunk Search. 04-26-2022 07:10 AM
- Posted Re: Pull in client/server errors into table format on Splunk Search. 04-25-2022 04:47 PM
- Karma Re: Pull in client/server errors into table format for VatsalJagani. 04-25-2022 08:56 AM
- Posted How to pull in client/server errors into table format? on Splunk Search. 04-24-2022 06:11 PM
- Karma Re: How to breakdown errors in charts group by error codes in error tables or list? for Gr0und_Z3r0. 04-22-2022 07:57 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
05-19-2022
10:26 PM
yeah I do not know why they are split up in multiple events but the host, success and error will be in same event.
... View more
05-19-2022
10:15 PM
@ITWhisperer Here you are. So my code is pinging remote machines and the response is in JSON file. I would like to table the host and success from this response file.
... View more
05-19-2022
08:11 PM
Hello - Thank you in advance for the help. I am getting following raw data in Splunk events which I'd like to pull into a table format.
I would like to pull the following: Host, Success, and Error field as columns for my table.
I tried this query but no success: | makeresults | eval _raw="{\"host\"},{\"success\",{\"error\"}" | spath path=host{} output=temp | mvexpand temp | spath input=temp | fillnull value="None" | table host,success,error
... View more
Labels
- Labels:
-
chart
-
eval
-
field extraction
05-09-2022
10:16 PM
@VatsalJagani Thank you for your input. Can you please elaborate on how can I extract separately?
... View more
- Tags:
- Can
05-09-2022
06:56 PM
I am trying to create a table which shows 3 column error msg, errorcode, and count. my current query is pulling the errorcode/msg in one column and error count individually instead of whole. Please assist.
my Current Query
My current query
Current Output
Expected Output
... View more
04-29-2022
07:46 PM
@VatsalJagani Thank you your input. The Type $event_type$ is the token name. If I remove that the dropdown will not work.
... View more
04-29-2022
07:16 AM
@gcusello Thank you Giuseppe for your input. I tried this but their is option like that when I click the pen.
... View more
04-28-2022
08:45 PM
I have added a dropdown in my panel as shown below. My issue is that regardless of which option I chose it shows red in the pie chart and 100%. I would like to know how I can change colors by the selection and also for the percentage to update based on the selection from the drop down.
... View more
Labels
- Labels:
-
Other
-
panel
-
simple XML
-
token
04-26-2022
09:24 AM
@VatsalJagani I have also tried what you've suggested and it gives me the following pie chart which isn't what I want. I would like the pie chart to be like the one below but group all 400's, 500's, Other instead of listing individually as they are listed in the screenshot. I
... View more
04-26-2022
07:10 AM
@VatsalJagani I have tired that it does not categorizes the errors. I'd like to see the pie chart breakdown by error code. For example 401 - 2%, 404 - 18%, 443 - 23% and etc.
... View more
- Tags:
- @
04-25-2022
04:47 PM
@VatsalJagani I figured out my rex query and was able to use yours to get my table but not all rows are populating. here is what I go so far. Query: index=epic_ehr sourcetype="WinEventLog:Epic" |rex field=_raw "%\s(?P<ErrorCode>.*)\s" | stats count as error_count, max(_time) as _time by ErrorCode | eval status_category=case(ErrorCode>=400 AND ErrorCode<500, "client error", ErrorCode>=500, "server error", 1==1, "-") |table _time,ErrorCode,Status_Category,Error_Count How can convert this data into a Pie chart which shows percentage of each error code?
... View more
04-24-2022
06:11 PM
Hello - thank you for assisting in advance. I need to write up a query which will pull in client/server errors from event message into table format as shown below.
_time
status_category
Error Code
error_count
2022-01-26:17:30:00
server error
503
2
2022-01-26:18:30:00
client error
404
6
Here are examples of the EvenTypes and available fields for the index.
Error 503
Fields
... View more
- Tags:
- error
04-21-2022
03:03 PM
@ITWhisperer I am running the following which breaks down different categories but how can I break down the Error type to percentage of errors such as 20% 404, 15% 503 etc.. index=epic_ehr |stats count by Type
... View more
04-21-2022
10:04 AM
what sort of data would you like me to share?
... View more
04-21-2022
08:27 AM
I am trying to create a pie chart that would show difference error codes by category.
Here is my current query:
index= my_index
| stats last(_time) as _time last(Message) as Message by Type
| stats count by Type
| eval ErrorCode=443
| eval ErrorrCode=503
I'd like to pull in all errors without specifying the ErrorCodes as I have in my query.
... View more
Labels
- Labels:
-
chart
04-15-2022
09:26 AM
Hello - I am a new Splunk user and learning as I go. My current task is to breakdown Errors/Exceptions in chart group by error codes in error tables or list. current query: My current query only returns null values.
index= (index name) host=(hostname)
| timechart count by error
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
4 weeks ago
|
