×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
rrkollip
New Member
Member since: ‎01-31-2018
‎06-05-2020
Community Statistics
Posts 4
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎01-31-2018
Activity Feed
View All

Is there way to customize the Payload when Splunk ...

by in Deployment Architecture
‎02-26-2018 06:46 PM
‎02-26-2018 06:46 PM
I am calling webhook when certain alert triggers in splunk, I want to exact payload by looking at the alert result so that I can better program the JAVA rest API. ... View more

How to know the exact payload in JSON "result" sec...

by in Splunk Dev
‎02-22-2018 04:27 PM
‎02-22-2018 04:27 PM
I am calling webhook when certain alert triggers in splunk, I want to exact payload by looking at the alert result so that I can better program the JAVA rest API. ... View more

Re: How to extract and find the difference in time...

by in Splunk Search
‎02-06-2018 01:23 PM
‎02-06-2018 01:23 PM
This worked to get the entry & exit time. When I run query like below to calculate the difference, none of the strptime and strftime functions works with fields entry_time and exit_time. My base search | rex field=_raw ".Worker#(?[\d+]).-\s([(?[^]]).entry|[(?[^]]).*exit)" | eval entry=strptime(entry_time,"%d/%m/%Y-%H:%M:%S") | eval exit=strptime(exit_time,"%d/%m/%Y-%H:%M:%S") | eval diff = exit-entry Does strptime and strftime functions works with the fields extracted from regex? ... View more

How to extract and find the difference in time bet...

by in Splunk Search
‎01-31-2018 03:30 PM
‎01-31-2018 03:30 PM
Hi , I have 2 events like below and I need to find the difference in time between 2 events. There may be a lot of other events between them. I'm trying to write a regular expression to extract the time in [] brackets and create as an EntryTIME and EXITTIME fields. Event 1: Worker#108 [SWAPScheduler-INDIA] - [2018-01-31 04:30:04,340] - DEBUG - AppLogger: SWAPScheduler.executeInternal entry Event 2: Worker#108 [SWAPScheduler-INDIA] - [2018-01-31 04:30:04,340] - DEBUG - AppLogger: SWAPScheduler.executeInternal exit Please help me in creating regex to extract this in Splunk. I tried field extractor but it's allowing only 1 string to add as a required text. If I do this I can't have 2 fields to get entry time and exit time. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM