Shobhit Garg
- Total activity 126
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 0
- Subscriptions 67
Activity overview
Latest activity by Shobhit Garg-
Shobhit Garg commented,
Hi Jyotsna, JOIN should get you the desired results. It would be nice if you can share your JOIN query and the screenshot of the output. Regards
-
Shobhit Garg commented,
Hi Sathish, No, that is not possible. In Sumologic for each query you have to have a time-range to let query know how old data it has to scan. SumoLogic is not like RDBS where we have a table and e...
-
Shobhit Garg commented,
Hi Jyotsna, If you can paste the complete query, then probably we can understand the logic you have used and can help further. Regards
-
Shobhit Garg commented,
Hi Nathan, Please try below. I tested this for the sample message you have posted. "filters":[{ "filterType":"Mask", "name":"Maskrule", "regexp":"SoapWriter\\.\\d+ - \\[[0-9a-z]*...
-
Shobhit Garg commented,
Hi Doreen, Probably this will need some investigation. I would suggest to open a case using support@sumologic.com Regards
-
Shobhit Garg commented,
Hi Kenichi, You can export the data from SumoLogic via two methods 1. Using UI - : In this method you can export the data in CSV format via UI https://help.sumologic.com/05Search/Get-Started-with-S...
-
Shobhit Garg commented,
Hi Nathan, Assuming you want to mask the SQL query then your regex is correct, I tested it. jdbc\.sqltiming\.373\s\[[a-z0-9]{16}\s[a-z0-9]{16}\]\s-\s*-\s*([^{]*) The masked data ingested in Sumolog...
-
Shobhit Garg commented,
Hi Mita, To get the difference between two timestamps, you need to convert them into milliseconds first and then subtract them Something like below, you can choose the format as per your requiremen...
-
Shobhit Garg commented,
Hi Nikita, For this we need to have MAX for each AccountID and for that we either need to leverage the SUBQUERY or JOIN Below is one sample query I have written (_collector="HTTP")| parse "*,*" as ...
-
Shobhit Garg commented,
Hi Jellou, Probably you can achieve it with the help of subquery. What you can do here is write a subquery, might be same as that of main query and run the query for 1 week ago time-range and then ...