Hi,
I'm currently importing log files into Splunk to monitor the different kinds of errors that pass through the system that is monitored.
Up to now I've only searched for the string 'ERROR' in each log file. Since a log file may contain many different kinds of errors, the result is that many kinds of errors are presented together. I would like to sort/group the different kinds of errors in one diagram.
The search as of today is as follows (for one of the log files):
ERROR source="/home/logs/DataTransferService.log"
The result would then consist of many different ERROR messages, similar to these three (as an example):
2014-08-19 12:00:00,394 [pool-1-thread-1] ERROR - Unexpected error com.eMeter.PIPe.datatransferservice.exception.DTSRuntimeException:…
2014-08-19 11:20:01,815 [pool-1-thread-4] ERROR - Invalid date. java.lang.NullPointerException:…
2014-08-19 11:20:01,814 [pool-1-thread-4] ERROR - SDP lookup failed [null]: id to load is required for loading [Additional Information:…