Databases Reference
In-Depth Information
Let's capture all errors that mary sees, enriched with some extra data. First, create
the query:
sourcetype=impl_splunk_gen mary error
| eval raw=_raw
| table _time raw department city
Save the query and edit the summary info:
 
Previous Page
Next Page
Implementing Splunk: Big Data Reporting and Development for Operational Intelligence
Search WWH ::




Custom Search
Home