Hi,
I am new to Splunk and need help with my use case below.
Whenever a request is made to my application, it will create a new unique folder and start writing the information to three files called 1.err, 2.xml, 3.xml. The 1.err file will be created only when an error is identified; otherwise this file will not be created.
My 1.err file contains
FAIL_ERROR_MESSAGE = Error due to function: function name.
If the file 1.err exists in the folder then I need to get all the FAIL_ERROR_MESSAGE count, and from the 2.xml file I need to get the SENDID attribute value from that folder, and from the 3.xml file I need to get the GFM value as shown below.
<name>GFM</name>
<value>Test</value>
<dataType>String</dataType>
</attribute>
I need to prepare a chart where it can show error messages by SENDID and by GFM value. The data should be collected from all the folders where the folder contains 1.err file.
Thanks in advance.