Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to generate a search to find errors by type for my error log?

kirankotla
New Member
‎12-27-2016 09:05 AM 
ERROR - *(somedata).
 FlatFile ERROR - 2649 BUSINESS_LOGIC 
 ERROR - More than 1 primary id found for the given offering

i wants to find errors type by some data

0 Karma
Reply

somesoni2
Revered Legend
‎12-27-2016 05:58 PM

Try like this

your base search (e.g. index=foo sourcetype=bar "ERROR") 
| rex "ERROR - (?<Error_Message>.+)" 
| stats count by Error_Message
Reply

kirankotla
New Member
‎12-27-2016 04:33 PM

Hi
All logs are bellow format ,i wants to chart over unique errors ,and count of each error.
ERROR - More than 1 primary id found for
ERROR - 75785 BUSINESS_LOGIC The number
ERROR - something

0 Karma
Reply

somesoni2
Revered Legend
‎12-27-2016 01:58 PM

Could you provide more information on your requirement here? You want to just filter the events which has error in formation ERROR - <<errormessage>> ?

0 Karma
Reply
Get Updates on the Splunk Community!

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

The Transformative Power of AI and ML in Enhancing Observability   In the realm of IT operations, the ...

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...