Kevin Keech
- Total activity 308
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 0
- Subscriptions 92
Activity overview
Latest activity by Kevin Keech-
Kevin Keech commented,
Could you log out and log back into your account and then see if you continue to see this error?
-
Kevin Keech commented,
The first 30 days is a full trial and includes all Sumo Logics Enterprise features. After the 30 days is up your account will then revert to the Free tier, which is perpetual, but a bit more limite...
-
Kevin Keech commented,
Hi Jamie Gangestad,Within your format you'll want to change the hour designation from "HH" to "hh." Lowercase "hh" defines the hours are in am/pm (1-12) so should address the error you're seeing. |...
-
Kevin Keech commented,
The CSV operator should actually take care of this for you and should handle those quoted fields. | csv _raw extract a, b, c, d Using the following format you can also extract specific fields by ...
-
Kevin Keech commented,
Agree with using parse regex / multi. Here is another example that captures the file name as well as the size. | parse regex "(?:\[|,\s+)(?<name>.*?)\(size=(?<size>\d+)\)" multi When using the Mul...
-
Kevin Keech commented,
Good to see you got things working. So your account is in the Sumo Logic "US1" deployment, which does not have a specific deployment ID within the URLs. This is also why you and others don't see th...
-
Kevin Keech commented,
There are a few things that could lead to authentication issues that you will want to check. 1.) The user who generated the AccessKey/ID has the permissions to Manage Collectors2.) The proper deplo...
-
Kevin Keech commented,
When you say you want to search, do you just want to return messages where the parsed field includes a specific string? If so then you can use a "matches" operation within a "where" statement like ...
-
Kevin Keech commented,
Hi Rizwan, You will need to generate the AccessID and Key from within your Sumo Logic account, under your user preferences page. The following help documentation should assist with the process. htt...
-
Kevin Keech commented,
There are a few ways you can parse this. (Note: I am assuming you want the name to the left of the epoch timestamp in the message) 1.) Since the logs are pipe-delimited you can use the "split" oper...