×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
asoma0707
New Member
Member since: ‎03-26-2020
‎06-05-2020
Community Statistics
Posts 4
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎03-26-2020
Activity Feed
View All

Re: Unable to retrieve XML tags which as mutliple ...

by in Splunk Search
‎04-17-2020 12:02 PM
‎04-17-2020 12:02 PM
somehow, new sample xml is not showing up in the reply. Hence, I updated the sample xml in original question. Please refer to that ... View more

Re: Unable to retrieve XML tags which as mutliple ...

by in Splunk Search
‎04-17-2020 11:59 AM
‎04-17-2020 11:59 AM
Thank you for your reply. This solution works perfectly. After running the query, I found another use case of xml: Now, group is additional attribute that showing in few of the xml tags. Could you please help in extract "group" as well. desired Output like below: deptid value group 0 Facilities 1 Support 2 IT test Thanks in advance. ... View more

Unable to retrieve XML tags which as mutliple attr...

by in Splunk Search
‎04-16-2020 07:48 PM
‎04-16-2020 07:48 PM
Hi, I am novice to splunk and trying to learn explore things in it. Currently I am stuck with one problem while extracting the values from XML. Here is the sample xml format from splunk message 2020:04:15:02:03:54.643 INFO xyz NOFMT 123456778 tomcat-http--105 10123456778 logged message: <test> <dept id="0" value="Facilities"/> <dept id="1" value="Support"/> <dept id="2" value="IT" group="test"/></test> I need to extract the xml message and trying to compare the values based on the dept ID. for eg: where id=0 and LIKE(value,"%facilities%") OR id=1 and LIKE(value,"%IT%") Need to filter the messages based on above condition. While, I am trying to extract the ID and values but results are getting cluttered and not showing the desired results. Please help me in this regard. ... View more

Re: How do you do a spath search that would search...

by in Getting Data In
‎03-26-2020 09:21 AM
‎03-26-2020 09:21 AM
Hi, Can we use regular expression in search field after spath ? I am stuck in the similar kind of situation. I retrieved JSON object, after that I am looking for a particular string with different formats (alphaNumeric). Those are actually data anomalies. Could you please provide your advise on how do we incorporate regex in search field ? I tried, but could not come to the solution. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:03 AM