I have xml logs as below where I am trying to write a Splunk search to do a search where entry=01 and result = Done
<?xml version="1.0" encoding="utf-16"?>
<transaction name="test" version="1">
<request>
<id>123</id>
<entry>01</entry>
</request>
</transaction>
<?xml version="1.0" encoding="utf-16"?>
<transaction name="test" version="1">
<response type="valid">
<result>WIP</result>
</transaction>
<?xml version="1.0" encoding="utf-16"?>
<transaction name="test" version="1">
<request>
<id>123</id>
<entry>02</entry>
</request>
</transaction>
<?xml version="1.0" encoding="utf-16"?>
<transaction name="test" version="1">
<response type="valid">
<result>DONE</result>
</transaction>
... View more