splunk experts - koncham help cheyyandi

[babjibayya]

Naa log string idi : Response received  in 350ms(milliseonds)

 

Splunk query is below:

index ="orders" source="/log/springboot/daemon.log"  "Response received  in" | rex "Response received  in \s+(?<duration>\d\d\d+)ms(milliseonds)" | where duration>300

Search chesthunte 0 results vasthunnai even though we have tons of logs which is greater then 300 milliseconds

[sri_india]

splunk anteee enti bro?? 

[Pitta]

17 minutes ago, sri_india said:

splunk anteee enti bro?? 

LAT 

[afacc123]

1 hour ago, babjibayya said:

Naa log string idi : Response received  in 350ms(milliseonds)

 

Splunk query is below:

index ="orders" source="/log/springboot/daemon.log"  "Response received  in" | rex "Response received  in \s+(?<duration>\d\d\d+)ms(milliseonds)" | where duration>300

Search chesthunte 0 results vasthunnai even though we have tons of logs which is greater then 300 milliseconds

wish I could help but not using it currently

best is to post here if no one else takes up

LTT

https://community.splunk.com/t5/Splunk-Answers/ct-p/en-us-splunk-answers

[Sreeven]

4 hours ago, sri_india said:

splunk anteee enti bro?? 

monitoring tool..

[UNITED99]

Just now, Sreeven said:

monitoring tool..

wrong..

 

logging tool

[Sarvapindi]

6 minutes ago, UNITED99 said:

wrong..

 

logging tool

Asal deentho em chestar vaa..monna linkedin lo oka job post chusa $185k anta 3+ yrs exp..is it related to security implementation?

[kevinUsa]

4 hours ago, babjibayya said:

Naa log string idi : Response received  in 350ms(milliseonds)

 

Splunk query is below:

index ="orders" source="/log/springboot/daemon.log"  "Response received  in" | rex "Response received  in \s+(?<duration>\d\d\d+)ms(milliseonds)" | where duration>300

Search chesthunte 0 results vasthunnai even though we have tons of logs which is greater then 300 milliseconds

Inka edi market lo unda ??

What abt elk ??

 

[rajnik]

splunk provides way too many features.. real time security alerts, etc.. lot of big companies heavily rely on Splunk.. I don't think it is going anywhere for a while.

[tvda]

try this:

index ="orders" source="/log/springboot/daemon.log"  "Response received  in" | rex "Response received  in (?<duration>.*?)ms" | where duration>300

[sri_india]

3 hours ago, UNITED99 said:

wrong..

 

logging tool

neene anukunna , nakkana goranga unnavu kadha bro ....at least log aggregator ani anna chepalsindi kadha bro , how come splunk is logging tool 

[nag_mama]

23 minutes ago, sri_india said:

neene anukunna , nakkana goranga unnavu kadha bro ....at least log aggregator ani anna chepalsindi kadha bro , how come splunk is logging tool 

logs monitoring tool

[sri_india]

1 minute ago, nag_mama said:

logs monitoring tool

yeah , it started as log aggregator and search based on those aggregated logs , later monitoring and analyzing capabilities added , now so many companies use it for continues monitoring   security vulnerabilities , network traffic etc....  

[nag_mama]

3 minutes ago, sri_india said:

yeah , it started as log aggregator and search based on those aggregated logs , later monitoring and analyzing capabilities added , now so many companies use it for continues monitoring   security vulnerabilities , network traffic etc....  

yeah, so easy to search lekapothe prathi server loki login ayyi vethakaali

[babjibayya]

13 hours ago, tvda said:

try this:

index ="orders" source="/log/springboot/daemon.log"  "Response received  in" | rex "Response received  in (?<duration>.*?)ms" | where duration>300

Worked bro. Thank you

One  more question. We have thousands of items and I need to count how many of them requested in a column chart. Any Idea ?

Logs:

store: 1000; item: 55560;

store: 1000; item: 66560;

store: 1002; item: 77560;

store: 1004; item: 77560;

store: 1002; item: 77560;