Hello community,
I am using search to get the values for ‘runtime’ and trying to get overall stats for a runtime values in the log for a given time period.
For my search command, I get the output with multiple rows as per below ( single row) -
host: abc-lyui-09
level: info
msg: {"key”:”#’abc.xyz.services.abc-def/call-qwe-rt-nats","return":"{\"status\":\"error\",\"errors\":[{\"code\":\"server-error\"}],\"timestamp\":\"2020-04-19T17:38:25.147Z\"}","time":600474579345999,"start-time":600473689740122,"state":"return","stop-time":600474579339135,"thread":48703,"runtime":889.599013,"correlation-id":"f0c7e1d1-db8d-4fb7-b564-e89c6fc625f3"}
timestamp: 2020-04-19 17:38:25.150+0000
I am trying to extract values for ‘runtime’ ( example above with 889.599013) from the log for a given time range to find the trend ( e.g. last 24 hrs).
The example output can be for a selected time period.
timestamp, runtime , correlation-id
Whats the best way to get the output? I am novice to splunk search and reporting.
Thanks,
... View more