Does anybody have a good answer for this problem? I have been looking for a solution in Splunk to address almost the exact same need for a long time now. It is one of the most critical things I would like Splunk to do.
Ideally, I want Splunk to AUTOMATICALLY categorize exception stack traces (Java, C#, etc.) or errors in general so it can report, for example, the top 10 most frequent ones in the last 30 minutes. I know that you can manually find an exception stack trace event (or any other error) in the Splunk UI and tell it to save it so it remembers it as a known event type and have it categorize from this point on. However, I have not found a way where Splunk can be configured to automatically do the categorization of stack traces.
And that would be extremely helpful in many scenarios. In dev, to see the most frequent exceptions that probably need to be looked at or addressed. In the same way, during a production outage it would be helpful to know the top 10 exceptions in order to troubleshoot.
Anyone?