Videos

  • Add Videos
  • View All

Top Content 

1 Count failures and success via transaction

Count failures and success via transaction

Latest Activity

Michael Wilde replied to Nikita's discussion Count failures and success via transaction
"How are these transactions linked together... by a field called "ID"?  If so.. just build them with the field ID, and then use one of the MV commands to extract a field with success or failure in it.   Paste some samples and…"
17 hours ago
Linus Myrefelt updated their profile
Tuesday
Marie updated their profile
Monday
Marie is now a member of splunkninja
Monday
Welcome Them!
Profile IconJitter and matthew arguin joined splunkninja
May 18
Profile IconMatthew Carter and Nikita joined splunkninja
May 17
Nikita posted a discussion

Count failures and success via transaction

Hi,I'm a new in Splunk so sorry for the stupid questions.I want to calculate failures in logs.For example we have request log and response log."request" OR ("fail" OR "response") |transaction startsWith=("request") endsWith=("fail" OR "response") maxpause=5s keepevicted=false maxspan=25s id |eval Failure=if(searchmatch("fail"),1,0)| eval Success=if(searchmatch("response"),1,0) | stats count(Failure) as FailureCount, count(Success) as SuccessCount | table FailureCount SuccessCountThat query…See More
May 17
1 Comment
Andrea Judy is now a member of splunkninja
May 16
Welcome Them!

Deployment on Linux / *NIX

why hello ninja's,

Need a little advice here ... I've searched & searched but cannot find any blog / forum etc on how to install Splunk on (e.g.) 150+ Linux boxes. Am totally aware I could do an MSI with command line options and use group policy or some other s/w dist tool for Windows, but how to do this same kind of thing with *NIX?

Does anyone have thoughts / suggestions / experience with this scenario?

"remember: Slaughter is the best medicine"

Tags: deployment, install, linux, unix

Views: 39

Reply to This

Replies to This Discussion

Permalink Reply by bizza on February 3, 2010 at 1:47am
hi,
which distros are you using?
Rhel (and sles) has it own tool to deploy software and/or configurations.
Or you can install splunk using a script and ssh (with key auth) to automate the process.
An other solution is deploy software using puppet/cfengine

best regards
Permalink Reply by Hot Splunk on February 3, 2010 at 2:45pm
will check out, thanks ..
Permalink Reply by Alexander Szoenyi on February 3, 2010 at 7:03am
Hello,

Please read the online Documation about deployment server.
http://www.splunk.com/base/Documentation/latest/Admin/Aboutdeployme...

regards Alexander
Permalink Reply by Hot Splunk on February 3, 2010 at 2:47pm
Didn't even know this existed .. will look to use it, but the question was about getting the Splunk out there and installed in the first place .. cheers ..
Permalink Reply by Alexander Szoenyi on February 3, 2010 at 11:29pm
Hello,

What Linux do you have ?

If you have a rpm or dep you can make a remote install script for that.
example: rpm -i ftp://xx.xx.xx.xx/splunk.rpm
or dpkg -i ftp://xx.xx.xx.xx/splunk.deb

Please read also the documentation for ./splunk help

Or you have a existing software delivery software in place to roll out the FW.

regards Alexander

RSS

© 2012   Created by Michael Wilde.

Badges  |  Report an Issue  |  Terms of Service