Hi Folks ,
I am just a beginner in writing Splunk search queries and I really need your help on the case below.
Let's say one of the batches triggers a request "123" at 11 AM and this information is captured in the log abc.log (source=abc.log), stored as "request 123 successfully sent". After this message is generated, some validation takes place; during validation, if any issues are found (let's assume "transaction not completed and it is being rolled back"), that will be logged in the error log xyz.log (source=xyz.log).
Now I want to trigger an alert when both of the conditions below are met (time period 10:50 AM to 11:15 AM):
1) request 123 successfully sent (source=abc.log)
2) transaction not completed and it is being rolled back (source=xyz.log).
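One way to write the correlation search the post asks about, added here as an example and not taken from the original post or from Splunk documentation. It assumes the two message strings are stored literally in the raw events, that `source` is set to `abc.log` and `xyz.log` exactly as the post states, and that the search runs on the same day as the batch (the `@d+10h+50m` / `@d+11h+15m` modifiers snap to midnight and then add the offset, giving 10:50 to 11:15 of the current day). The `sent` and `rolled_back` field names are chosen for this example.

```spl
(source="abc.log" "request 123 successfully sent")
    OR (source="xyz.log" "transaction not completed and it is being rolled back")
    earliest="@d+10h+50m" latest="@d+11h+15m"
| eval sent=if(source="abc.log", 1, 0),
       rolled_back=if(source="xyz.log", 1, 0)
| stats max(sent) AS sent,
        max(rolled_back) AS rolled_back,
        min(_time) AS first_seen,
        max(_time) AS last_seen
| where sent=1 AND rolled_back=1
| eval first_seen=strftime(first_seen, "%Y-%m-%d %H:%M:%S"),
       last_seen=strftime(last_seen, "%Y-%m-%d %H:%M:%S")
```

The search pulls both kinds of events in one pass, marks which source each came from, collapses them with `stats` so that `sent` and `rolled_back` become 1 only if at least one matching event existed in the window, and returns a row only when both are 1. Save it as an alert scheduled just after the window closes (for example cron `15 11 * * *`) with the trigger condition "Number of Results is greater than 0"; with no row returned, no alert fires. Because the rollback message in the post carries no request id, this correlates on the time window only; if the error log does include the request number, add a `rex` to extract it from both sources and put that field in `stats ... BY request_id` so that a rollback for a different request does not trigger the alert for 123.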