Solved: Extract numerical value from text logs and get max...

vinayakolhapure · ‎11-16-2020

I want to extract a number from logs where the line of interest looks like,

INFO 2020-11-16 12:11:47,161 [ThreadName-1] com.mypackage.myclass TransId: a12345b6-7cde-8901-2f34-g5hi6jk789l0 Req ID - 123456 EvNum-1234567 - Received 12 create/cancel request.

I want to extract all occurrences for the number (in this example 12) between "Received " and " create/cancel request." for a time range and get the max. Basically to get what is the largest request the app received.

Thank you for your help with this.

richgalloway · ‎11-16-2020

I like to use rex for this purpose.

... | rex "Received (?<requestCount>\d+)"
| stats max(requestCount) as largestRequest

---
If this reply helps you, Karma would be appreciated.

View solution in original post

richgalloway · ‎11-16-2020

I like to use rex for this purpose.

... | rex "Received (?<requestCount>\d+)"
| stats max(requestCount) as largestRequest

---
If this reply helps you, Karma would be appreciated.

vinayakolhapure · ‎11-16-2020

Thank you. This helps a lot and gives me a great starting point to explore further.

Extract numerical value from text logs and get max occurrence of the number

count

eval

regex

stats

Database Performance Sidebar Panel Now on APM Database Query Performance & Service ...

IM Landing Page Filter - Now Available

Dynamic Links from Alerts to IM Navigators - New in Observability Cloud