Hi,
I did a lot of research and tests, but I can't figure out how to...
Is it possible to search for a sequence of different events in all the logs indexed in Splunk?
I mean, if in the search window I have something like this:
....
event A
....
....
event B
....
Is there a search command which permits searching for the sequence "event A then event B"?
And afterwards, use the result to create an alarm when I have this sequence of two events?
I'm not an English speaker, so please forgive my bad English.
I hope my request is understandable anyway.
Axel