Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Splunk Search
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Splunk Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- How to get all sets of response time from user to ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How to get all sets of response time from user to agent in the entire log
rajaguru2790
Explorer
08-28-2019
02:43 PM
In the above log
User(Saj) to Agent(Rohi) Response for all the conversations in the log should be captured: In the above example three valid user to agent response is there.If there are multiple Agent's response in between it can be ignored.Only the user response should be captured and after that next agent immediate response should be captured parsing the entire log.
1st set: Difference from user to agent time needed in Secs:
User Response: 1/1/2019 2:42:55 AM
Agent Response: 1/1/2019 2:51:16 AM (Initial Response Found already using Regex)
2nd Set: Difference from user time to agent time is needed
User Response: 1/1/2019 2:54:38 AM
Agent Response: 1/1/2019 2:55:12 AM
3rd Set: Difference from user time to agent time is needed
User Response: 1/1/2019 2:56:39 AM
Agent Response: 1/1/2019 2:57:10 AM
Like this if "n" number of sets are there everything should be displayed and their
Interaction Measurement Number (Sequential Number starting at 1 to N that identifies the unique measurement in the session log extracted by sequentially parsing the Chat Session log)
Response Start Time - Time associated with User part of the User Agent interaction number measurement from the Session log
Response End Time – Time associated with the Agent part of the User Agent interaction number measurement from the Session log
Agent Interaction Response Time – Difference in End Time and Start Time of the interaction number measurement for the interaction number.
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:42:55 AM!_/TIME_!
!_NAME_!Saj!_/NAME_!
!_TEXT_!<translateitem>Hi Team</translateitem>!_/TEXT_!!_NAMEID_!sajg6@test.com!_/NAMEID_!!_MID_!1!_/MID_!!_UTCEPOCHTIME_!1546328575000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:42:56 AM!_/TIME_!
!_NAME_!System!_/NAME_!
!_TEXT_!<span class='defaultsysmsg' style='display:none'>The following associated data has been added:<ul><li>Customer Information</li></ul></span>!_SM+msg_DataAdded+Customer InformationSM_!<arcmd cmd='event-UPDATEASSOCIATEDDATA' />!_/TEXT_!!_NAMEID_!system@email.com!_/NAMEID_!!_MID_!3!_/MID_!!_UTCEPOCHTIME_!1546328576000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:42:59 AM!_/TIME_!
!_NAME_!Rohi!_/NAME_!
!_TEXT_!<span class='defaultsysmsg' style='display:none'>System Message: Rohi is online for chatting.</span>!_SM+msg_AgentOnline+RohiSM_!!_/TEXT_!!_NAMEID_!rohi@test.com!_/NAMEID_!!_MID_!4!_/MID_!!_UTCEPOCHTIME_!1546328579000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:43:09 AM!_/TIME_!
!_NAME_!Saj!_/NAME_!
!_TEXT_!<translateitem>Wish you a very happy ne year</translateitem>!_/TEXT_!!_NAMEID_!sajg6@test.com!_/NAMEID_!!_MID_!5!_/MID_!!_UTCEPOCHTIME_!1546328589000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:43:12 AM!_/TIME_!
!_NAME_!Saj!_/NAME_!
!_TEXT_!<translateitem>new*</translateitem>!_/TEXT_!!_NAMEID_!sajg6@test.com!_/NAMEID_!!_MID_!6!_/MID_!!_UTCEPOCHTIME_!1546328592000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:43:25 AM!_/TIME_!
!_NAME_!Saj!_/NAME_!
!_TEXT_!<translateitem>I need to close this ticket 10936307</translateitem>!_/TEXT_!!_NAMEID_!sajg6@test.com!_/NAMEID_!!_MID_!7!_/MID_!!_UTCEPOCHTIME_!1546328605000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:43:32 AM!_/TIME_!
!_NAME_!Saj!_/NAME_!
!_TEXT_!<translateitem>please help me in closing the same</translateitem>!_/TEXT_!!_NAMEID_!sajg6@test.com!_/NAMEID_!!_MID_!8!_/MID_!!_UTCEPOCHTIME_!1546328612000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:45:07 AM!_/TIME_!
!_NAME_!Saj!_/NAME_!
!_TEXT_!<translateitem>Anyone there ?</translateitem>!_/TEXT_!!_NAMEID_!sajg6@test.com!_/NAMEID_!!_MID_!9!_/MID_!!_UTCEPOCHTIME_!1546328719000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:47:13 AM!_/TIME_!
!_NAME_!Saj!_/NAME_!
!_TEXT_!<translateitem>??</translateitem>!_/TEXT_!!_NAMEID_!sajg6@test.com!_/NAMEID_!!_MID_!10!_/MID_!!_UTCEPOCHTIME_!1546328833000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:49:23 AM!_/TIME_!
!_NAME_!Saj!_/NAME_!
!_TEXT_!<translateitem>?? Hi Rohi You there?</translateitem>!_/TEXT_!!_NAMEID_!sajg6@test.com!_/NAMEID_!!_MID_!11!_/MID_!!_UTCEPOCHTIME_!1546328963000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:51:16 AM!_/TIME_!
!_NAME_!Rohi!_/NAME_!
!_TEXT_!<translateitem>Hello Saj my name is Rohi. How can I help you today?</translateitem>!_/TEXT_!!_NAMEID_!rohi@test.com!_/NAMEID_!!_MID_!12!_/MID_!!_UTCEPOCHTIME_!1546329076000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:51:27 AM!_/TIME_!
!_NAME_!Rohi!_/NAME_!
!_TEXT_!<translateitem>Yes</translateitem>!_/TEXT_!!_NAMEID_!rohi@test.com!_/NAMEID_!!_MID_!13!_/MID_!!_UTCEPOCHTIME_!1546329087000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:53:47 AM!_/TIME_!
!_NAME_!Rohi!_/NAME_!
!_TEXT_!<translateitem>Hello Saj my name is Rohi. How can I help you today?</translateitem>!_/TEXT_!!_NAMEID_!rohi@test.com!_/NAMEID_!!_MID_!14!_/MID_!!_UTCEPOCHTIME_!1546329227000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:54:38 AM!_/TIME_!
!_NAME_!Saj!_/NAME_!
!_TEXT_!<translateitem>?? Hi Rohi You there?</translateitem>!_/TEXT_!!_NAMEID_!sajg6@test.com!_/NAMEID_!!_MID_!11!_/MID_!!_UTCEPOCHTIME_!1546328963000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:55:12 AM!_/TIME_!
!_NAME_!Rohi!_/NAME_!
!_TEXT_!<translateitem>today you are geting this issue</translateitem>!_/TEXT_!!_NAMEID_!rohi@test.com!_/NAMEID_!!_MID_!12!_/MID_!!_UTCEPOCHTIME_!1546329076000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:56:39 AM!_/TIME_!
!_NAME_!Saj!_/NAME_!
!_TEXT_!<translateitem>?? Can you help me?</translateitem>!_/TEXT_!!_NAMEID_!sajg6@test.com!_/NAMEID_!!_MID_!11!_/MID_!!_UTCEPOCHTIME_!1546328963000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:57:10 AM!_/TIME_!
!_NAME_!Rohi!_/NAME_!
!_TEXT_!<translateitem>Sure</translateitem>!_/TEXT_!!_NAMEID_!rohi@test.com!_/NAMEID_!!_MID_!12!_/MID_!!_UTCEPOCHTIME_!1546329076000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:58:31 AM!_/TIME_!
!_NAME_!System!_/NAME_!
!_TEXT_!<span class='defaultsysmsg' style='display:none'>System Message: Saj G has closed the browser</span>!_SM+msg_hasClosed+Saj GSM_!!_/TEXT_!!_NAMEID_!system@email.com!_/NAMEID_!!_MID_!15!_/MID_!!_UTCEPOCHTIME_!1546329278000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
!_CI_!!_L_!en!_/LO_!!_TIME_!1/1/2019 2:59:17 AM!_/TIME_!
!_NAME_!System!_/NAME_!
!_TEXT_!<span class='defaultsysmsg' style='display:none'>System Message: rohi has closed and abandoned. To start a new chat click on "Chat now".</span>!_SM+msg_UserAbandoned+rohiSM_!<arcmd cmd='arev_SESSIONCLOSED'>!_/TEXT_!!_NAMEID_!system@email.com!_/NAMEID_!!_MID_!16!_/MID_!!_UTCEPOCHTIME_!1546329312000!_/UTCEPOCHTIME_!!_/CINST_!
--------------------------------------------------------------------------------------
Get Updates on the Splunk Community!
Get the T-shirt to Prove You Survived Splunk University Bootcamp
As if Splunk University, in Las Vegas, in-person, with three days of bootcamps and labs weren’t enough, now ...
Introducing the Splunk Community Dashboard Challenge!
Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...
Wondering How to Build Resiliency in the Cloud?
IT leaders are choosing Splunk Cloud as an ideal cloud transformation platform to drive business resilience, ...
