Re: how to see multiple file names in Spunk with t...

sunnyparmar · ‎11-29-2018

Hi Guys,

I have multiple .xml files, around 1100 and all files have the status of either negative or positive in logs so I want to search all files on Splunk in a one go corresponding there status. Any insights would be appreciated.

Thanks in Advance
Ankit

burwell · ‎11-29-2018

Hello. Please provide sample logs.

sunnyparmar · ‎11-30-2018

In case of Negative acknowledgement getting these two errors in log for the same file -

841392-1538181685-12005_ehfd.jcloud.no.xml - Returned negative MDN ERROR: and Unable to persist XML document

For positive acknowledgment, logs generating -> status=ok

Thanks in advance..

burwell · ‎11-30-2018

I am not quite understanding this. Is there a log with the above lines? Can you show us a sample of the exact lines so we can help?

It looks like there is no date or timestamp in the above, for example.

Thanks.

sunnyparmar · ‎12-03-2018

Hi @burwell,

Could you please help me out. Waiting for your help.

Thanks
Ankit

sunnyparmar · ‎11-30-2018

In case of OK acknowledgement -

2018-09-29 00:41:25,590 [AS2Servlet.java] [http-bio-8080-exec-358] [DEBUG] [eu.peppol.inbound.server.AS2Servlet] Served request, status=OK:

In case of ERROR acknowledgment -

2018-09-29 00:01:57,418 [InboundMessageReceiver.java] [http-bio-8080-exec-358] [ERROR] [eu.peppol.as2.InboundMessageReceiver] Unexpected error: Unable to persist XML document for PeppolMessageMetaData

how to see multiple file names in Spunk with there status

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases