Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

IIS Error 200 monitor

vaibhavbeohar
Path Finder
‎01-03-2013 02:26 AM

Hi,

I have running Splunk with IIS log, in my search i have created field name Error in my log.
we have consider error 200 is ok status, want to remove error 200 in my field(Error), what should i need to give in search, i tried following options.

| fields - Error=200
| fields - "Error=200"
| fields - 'Error=200'
but none of the options are working

Thanks,
Vaibhav.

Tags (1)
0 Karma
Reply

dart
Splunk Employee
Splunk Employee
‎01-03-2013 02:44 AM 
sourcetype=iis* Error!=200

should give you all those with non 200 error codes. You may wish to use:

sourcetype=iis* Error!=2*
Reply

vaibhavbeohar
Path Finder
‎01-03-2013 03:11 AM

thanks alot.

0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...