babjibayya (Posted July 20, 2020):

This is my log string: Response received in 350ms(milliseonds)

Splunk query is below:

index ="orders" source="/log/springboot/daemon.log" "Response received in" | rex "Response received in \s+(?<duration>\d\d\d+)ms(milliseonds)" | where duration>300

When I search I get 0 results, even though we have tons of logs which are greater than 300 milliseconds.

Pitta (Posted July 20, 2020):

17 minutes ago, sri_india said:
> What is Splunk, bro??

LAT

afacc123 (Posted July 20, 2020):

1 hour ago, babjibayya said:
> This is my log string: Response received in 350ms(milliseonds)
> Splunk query is below:
> index ="orders" source="/log/springboot/daemon.log" "Response received in" | rex "Response received in \s+(?<duration>\d\d\d+)ms(milliseonds)" | where duration>300
> When I search I get 0 results, even though we have tons of logs which are greater than 300 milliseconds.

Wish I could help, but I'm not using it currently. Best is to post here if no one else takes it up. LTT

https://community.splunk.com/t5/Splunk-Answers/ct-p/en-us-splunk-answers

Sreeven (Posted July 21, 2020):

4 hours ago, sri_india said:
> What is Splunk, bro??

monitoring tool..

UNITED99 (Posted July 21, 2020):

Just now, Sreeven said:
> monitoring tool..

wrong.. logging tool

Sarvapindi (Posted July 21, 2020):

6 minutes ago, UNITED99 said:
> wrong.. logging tool

What do people actually do with this? The other day I saw a job post on LinkedIn, apparently $185k for 3+ yrs exp.. is it related to security implementation?

kevinUsa (Posted July 21, 2020):

4 hours ago, babjibayya said:
> This is my log string: Response received in 350ms(milliseonds)
> Splunk query is below:
> index ="orders" source="/log/springboot/daemon.log" "Response received in" | rex "Response received in \s+(?<duration>\d\d\d+)ms(milliseonds)" | where duration>300
> When I search I get 0 results, even though we have tons of logs which are greater than 300 milliseconds.

Is this still in the market?? What about ELK??

rajnik (Posted July 21, 2020):

Splunk provides way too many features.. real time security alerts, etc.. lot of big companies heavily rely on Splunk.. I don't think it is going anywhere for a while.

tvda (Posted July 21, 2020):

try this:

index ="orders" source="/log/springboot/daemon.log" "Response received in" | rex "Response received in (?<duration>.*?)ms" | where duration>300

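Why the first query returned nothing while the pattern in the reply above matches, as an added example that is not code from any poster in this thread. The sample log lines are constructed, the helper names and the `STRICT` pattern are assumptions, and JavaScript is used only because its regex engine handles these particular constructs the same way as the PCRE syntax that `rex` accepts.

```javascript
// Added example: replays the thread's rex patterns against constructed log lines.
// SAMPLE_LINES and the helper names are assumptions, not data from the poster's index.
const SAMPLE_LINES = [
  "Response received in 350ms(milliseonds)",
  "Response received in 95ms(milliseonds)",
  "Response received in 1204ms(milliseonds)",
  "Response received in 299ms(milliseonds)",
];

// Pattern from the original question. Two things stop it matching:
//  - "in \s+" needs the literal space plus at least one more whitespace character
//  - "(milliseonds)" is an unescaped group, so it looks for "msmilliseonds"
const ORIGINAL = /Response received in \s+(?<duration>\d\d\d+)ms(milliseonds)/;

// Pattern from the reply that worked: lazy capture up to the first "ms".
const LAZY = /Response received in (?<duration>.*?)ms/;

// Stricter variant (an assumption, not from the thread): digits only,
// parentheses escaped so they match literally.
const STRICT = /Response received in (?<duration>\d+)ms\(milliseonds\)/;

// Mimics `| rex ... | where duration>300`: extract, convert to a number, filter.
function slowDurations(pattern, lines, thresholdMs = 300) {
  const out = [];
  for (const line of lines) {
    const m = pattern.exec(line);
    if (!m) continue; // no match: the field is never set, so the event is dropped
    const value = Number(m.groups.duration);
    if (Number.isFinite(value) && value > thresholdMs) out.push(value);
  }
  return out;
}

// Runs all three patterns over the same lines for a side-by-side comparison.
function compare(lines = SAMPLE_LINES) {
  return {
    original: slowDurations(ORIGINAL, lines),
    lazy: slowDurations(LAZY, lines),
    strict: slowDurations(STRICT, lines),
  };
}

console.log(compare());
```
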
sri_india (Posted July 21, 2020):

3 hours ago, UNITED99 said:
> wrong.. logging tool

I thought it was just me, but you're even worse than me, bro.... you should at least have said log aggregator, bro. How come Splunk is a logging tool?

nag_mama (Posted July 21, 2020):

23 minutes ago, sri_india said:
> I thought it was just me, but you're even worse than me, bro.... you should at least have said log aggregator, bro. How come Splunk is a logging tool?

logs monitoring tool

sri_india (Posted July 21, 2020):

1 minute ago, nag_mama said:
> logs monitoring tool

Yeah, it started as a log aggregator with search over those aggregated logs; later, monitoring and analyzing capabilities were added. Now so many companies use it for continuous monitoring of security vulnerabilities, network traffic, etc....

nag_mama (Posted July 21, 2020):

3 minutes ago, sri_india said:
> Yeah, it started as a log aggregator with search over those aggregated logs; later, monitoring and analyzing capabilities were added. Now so many companies use it for continuous monitoring of security vulnerabilities, network traffic, etc....

Yeah, so easy to search; otherwise you'd have to log in to every server and search.

babjibayya (Author, Posted July 21, 2020):

13 hours ago, tvda said:
> try this:
> index ="orders" source="/log/springboot/daemon.log" "Response received in" | rex "Response received in (?<duration>.*?)ms" | where duration>300

Worked, bro. Thank you.

One more question. We have thousands of items and I need to count how many of them were requested, in a column chart. Any idea?

Logs:
store: 1000; item: 55560;
store: 1000; item: 66560;
store: 1002; item: 77560;
store: 1004; item: 77560;
store: 1002; item: 77560;