I am trying to find the string using search "com.jdedwards.system.connector.dynamic.InvalidRemoteSessionException". This string is already present in the log which is uploaded in splunk. But I wonder I can find this string which is also present in the log "com.jdedwards.system.connector.dynamic.InvalidSessionException". the only difference between that two string is only one word "Remote". is there any character limit for this?
Hi Abilan
If you indexed you log data in a sourcetype , just write your sourcetype name and follow it by these strings:
"InvalidRemoteSessionException" and "InvalidSessionException"
Run this search code
sourcetype=........ "InvalidRemoteSessionException" and "InvalidSessionException"
I think it will work
Hi Abilan
If you indexed you log data in a sourcetype , just write your sourcetype name and follow it by these strings:
"InvalidRemoteSessionException" and "InvalidSessionException"
Run this search code
sourcetype=........ "InvalidRemoteSessionException" and "InvalidSessionException"
I think it will work
thanks good
Hi Chimell,
you are correct.. It also worked. I have made a custom type for my log. Include that also in the search.
Thank you so much....
Regards,
Abilan
did you try searching for "*InvalidRemoteSessionException*"
and "*InvalidSessionException*"
?
Thank You so much. It worked "InvalidRemoteSessionException" .. May i know why we need to include ** in prefix as well suffix?
I wasn't sure if you had any events with something following the keywords. So just to be safe, I included the * as the suffix.
Great..Thanks again!