Hello my little friends.
I have logs from Tomcat and they joined the Web Data Model, so that means that I can write a correlation search using a data model.
For example, I have this search:
sourcetype="tomcat:access:log" request_uri="*struts2-rest-showcase*" AND status="500" | stats latest(_raw) as "orig_raw" values(request_uri) as "uri" values(http_method) as method values(status) as status count by "host", "src"
And I want to remake this search using the Data Model, and right now I have no idea how to do it.