I am evaluating Splunk for use in monitoring application logs and am wondering if it is possible to group together lines like the following, relating the numbers in bold to each other and the text in bold to each other:
[29/Apr/2010:00:01:18][8456.-243491648][-conn2-] Notice: db_scoped_select_query: 3 976122186 0 0 53.14 select items-list-main-count_advanced 0.081 0.002 version_list_criteria 1
[29/Apr/2010:00:01:18][8456.-243491648][-conn2-] Notice: Time-log, 2, 976122186, 0, 0, 53.14, /items/list-main, role_employee_rw_no_version_buyer, employee, 0.05, 0.25, 0.07, 0.23, 0.61, 19789, 66, items-list-main-count_advanced, select, 0.08, 623094, 433285