Hi All,
I have a search term that returns 44 lines every day; the search results look like this:
INFO [3/07/16 19:45:00.969] 1234/SC 03/08/2016 - job1 Finished batch process with return code: Success (0)
INFO [3/07/16 20:08:00.969] 1234/SC 03/08/2016 - job2 Finished batch process with return code: Success (0)
INFO [3/07/16 23:45:00.969] 1234/SC 03/08/2016 - job3 Finished batch process with return code: Success (0)
Is there a way for me to chart the time for each of these 44 results so I can start measuring, via a line graph, when these jobs complete? Another thing I noticed is that Splunk is auto-extracting the date fields separately, such as date_hour, date_minute, date_second, etc., which makes it difficult for the newbie Splunker.