Solved: Re: How to get the difference of time between 2 ev...

gajananh999 · ‎07-04-2014

Hello Everyone,

I have events like

02-Jul-2014 09:25:25 AM: ========== Finish Transmit Process ==========

02-Jul-2014 09:25:25 AM: AA Proc for AttachmentTransmission

02-Jul-2014 09:25:25 AM: AA Software (Axway Synchrony) version is not setup in ESM Schema in table EDI_TYPE_CD. Default version of EDI Software is 4.2

02-Jul-2014 09:25:25 AM: AA Service Login to 'AA' Database with UserID 'AA' Successfully

02-Jul-2014 09:25:23 AM: ========== Start Transmit Process ==========

So i want to find out the Time which is take by process to complete its task. So here it will be 02.02 sec

Thanks

Gajanan Hiroji

Ayn · ‎07-04-2014

Create a transaction that starts with the "Start Transmit Process" line and ends with the "Finish Trnamit Process" line. The transaction command will automatically create a field duration which gives you the duration of the transaction, which is the same as the time difference between the start and end event.

... | transaction startswith="========== Start Transmit Process ==========" endswith="========== Finish Transmit Process =========="

View solution in original post

Ayn · ‎07-04-2014

Create a transaction that starts with the "Start Transmit Process" line and ends with the "Finish Trnamit Process" line. The transaction command will automatically create a field duration which gives you the duration of the transaction, which is the same as the time difference between the start and end event.

... | transaction startswith="========== Start Transmit Process ==========" endswith="========== Finish Transmit Process =========="

gajananh999 · ‎07-04-2014

Thanks Ayn.

How to get the difference of time between 2 events

Join Us for Splunk University and Get Your Bootcamp Game On!

.conf24 | Learning Tracks for Security, Observability, Platform, and Developers!

Announcing Scheduled Export GA for Dashboard Studio