Hello All,
I am a beginner with Splunk.
I have a requirement like "we have multiple applications in our system. Whenever we see any error transactions for any of the applications, I have to fetch the application name and error message into two different fields so that I can display them in table format."
Could you please let me know how to fetch the entire error message into a single field? The error message will not be the same.
Example Log:
2017:12:25:45 AAA(application name) - timeout error (error message)
2017:12:25:49 BBB(application name) - Please enter correct details (error message)
2017:12:25:45 AAA(application name) - No data found (error message)
Thanks,
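Added example, not part of the original post: one way to split these events into two fields at search time with the rex command, run here against constructed sample events generated with makeresults. It assumes the parenthesised "(application name)" and "(error message)" in the post are annotations rather than log text, that the application name contains no spaces, and that " - " separates it from the message; the field names constructed_sample, application and error_message are chosen for illustration, and the fourth sample event is constructed to show a message that itself contains " - ".

```spl
| makeresults
| eval constructed_sample=split("2017:12:25:45 AAA - timeout error|2017:12:25:49 BBB - Please enter correct details|2017:12:25:45 AAA - No data found|2017:12:25:50 BBB - upstream call failed - retry limit reached", "|")
| mvexpand constructed_sample
| rex field=constructed_sample "^\S+\s+(?<application>\S+)\s+-\s+(?<error_message>.+)$"
| table application error_message
```

Against real events, replace the first three lines with the base search and point rex at _raw. Because the application name is matched as \S+ and the message as .+, everything after the first " - " lands whole in error_message, whatever the wording.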