Hi ,
I have in my log like
{"name":"liquid-networth","value":"2000001"}
I need to get all value which is greater than and equal to 2000001. Please help me to find in splunk search..
Like this:
index=YourIndexHere sourcetype=YourSourcetypeHere | spath | search value >= 2000001
Note: the spath
command might create a field name with other prefices for value
so it may not have that exact name.
You can use >= in your search, assuming you have "value" parsed out into a field already:
index=(your index) value >= 2000001