Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Filter Error records

vijreddy30
Loves-to-Learn Everything
‎11-17-2023 02:11 AM

Hi All,

The below 10 Error Records have, Last 3 Error records need not ingested, the above 7 error records data only be ingested.How do we write the Regular Expression ,please guide me.

 

 

2023-11-06 15:30:48,941 ERROR pool-1-thread-1 com.veeva.brp.batchrecordprint.ScheduledTasks - PCI ERROR: No package class found with name: PRD-QDB35801A

2023-11-06 15:30:48,941 ERROR pool-1-thread-1 com.veeva.brp.batchrecordprint.ScheduledTasks - PCI ERROR: (INVALID_DATA) Invalid value [V5100000003P211] specified for parameter [package_class__c] : Object record ID does not resolve to a valid active [package_class__c]

2023-11-06 15:30:48,941 ERROR https-jsse-nio-8443-exec-9 com.veeva.brp.batchrecordprint.BatchRecordPrintController - PRINT ERROR: Print failure response

2023-11-06 15:30:48,941 ERROR pool-1-thread-1 com.veeva.brp.batchrecordprint.ScheduledTasks - Unknown error: {errorType=GENERAL, responseStatus=EXCEPTION, responseMessage=502 Bad Gateway}

2023-11-06 15:30:48,941 ERROR https-jsse-nio-8443-exec-2 com.veeva.brp.batchrecordprint.BatchRecordPrintController - (API_LIMIT_EXCEEDED) You have exceeded the maximum number of authentication API calls allowed in a [1] minute period.

2023-11-06 15:30:48,941 ERROR pool-1-thread-1 com.veeva.brp.batchrecordprint.ScheduledTasks - PCI ERROR: No package class found with name: PR01-PU3227V1MSPS 0001

2023-11-08 06:19:49,539 ERROR https-jsse-nio-8443-exec-1 com.veeva.brp.batchrecordprint.BatchRecordPrintController - DOCLIFECYCLE ERROR: Error initiating lifecycle action for document: 5742459, Version: 0.1

2023-10-25 10:56:46,710 ERROR pool-1-thread-1 com.veeva.bpr.batchrecordprint.scheduledTasks - Header Field Name: bom_uom_1_c, value:E3HR5teHlfOQjzUJ74jTdKh1Tu0yajHqT/H98klZOyU=
2023-10-25 10:56:46,711 ERROR pool-1-thread-1 com.veeva.bpr.batchrecordprint.scheduledTasks - BOM Field Name: BOM_Added_1, value is out of Bounds using beginIndex:770, endIndex:771 from line:
2023-10-25 10:56:46,711 ERROR pool-1-thread-1 com.veeva.bpr.batchrecordprint.scheduledTasks

Labels (1)
Labels
0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎11-17-2023 02:16 AM

Events are ingested one at a time and there is no "state" which could be carried over from one event to another. So limiting your ingestion this way directly in Splunk is not possible.

If you can define it not as "ingest only first 3 events" but as "(don't) ingest events (not) matching given patter", that's another story.

0 Karma
Reply
Get Updates on the Splunk Community!

Modern way of developing distributed application using OTel

Recently, I had the opportunity to work on a complex microservice using Spring boot and Quarkus to develop a ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had 3 releases of new security content via the Enterprise Security ...

Archived Metrics Now Available for APAC and EMEA realms

We’re excited to announce the launch of Archived Metrics in Splunk Infrastructure Monitoring for our customers ...