Hi everyone,
I have one logfile per day that is filled with several lines of information showing requests to play video streams:
ABC: [2019:09:10 09:39:15] abcdefg 1234567890 -hijklmnopqrs !warning! Request to play stream : "http://holiday.mpeg" on [website]
ABC: [2019:09:10 09:39:16] abcdefg 1234567890 -hijklmnopqrs !warning! Show error message : "Streamfail"
ABC: [2019:09:10 09:39:20] abcdefg 1234567890 -hijklmnopqrs success
And I am trying to extract the URLs that are listed in the file if there is the error message "Streamfail".
So for the example above I would like to extract the video name as well as the occurence:
1 x holiday.mpeg
I have tried the following:
index=website.log ("Show error message" AND "Streamfail")
| rex field=_raw "\/(?[^\?\/]+)\?"
| stats count by Streamfail
↧