Harinder Bhandari

1. Community
2. Using Sumo Logic
3. Parse out items of a list that has a variable length

Hi Elliot, You should parse regex and use multi option to parse list of items of variable length. For Example: | parse regex "size=(?<file_size>.*?)\)\," multi https://help.sumologic.com/05Search/S...

• View comment
• Harinder Bhandari
• February 25, 2021 20:05
• 1 vote

1. Community
2. Using Sumo Logic
3. How do you create "Applied at: Run Time" FERs (Field Extraction Rules)

Currently, "Run Time" FER only applies to JSON data, and all other data is parsed and "Applied at" the ingest time. Hope this helps. Thanks

• View comment
• Harinder Bhandari
• December 02, 2020 08:30
• 0 votes

1. Community
2. Using Sumo Logic
3. Where's connection setting for web hook?

Hi Bowei, Webhook connections feature is not available to Free Accounts. For Paid Accounts, It is under Manage Data -> Alerts -> Connections.  Hope this helps. Thanks.

• View comment
• Harinder Bhandari
• November 17, 2020 02:30
• 0 votes

1. Community
2. Using Sumo Logic
3. Scheduled search

Hi Jellou, The maximum CSV file size allowed for an attachment to a scheduled search is 5 MB or 1,000 results whichever comes first. If you want to increase this limit, please file a support case w...

• View comment
• Harinder Bhandari
• November 02, 2020 05:01
• 0 votes

1. Community
2. General Discussion
3. How to sort by timeslice with 3 parse extracted field

Hi Jellou, You can sort by timeslice, field 1, field2, field3 like this: | timeslice 1h| parse field1| parse field2| parse field3| count by _timeslice, field1, field2, field3| sort by _timeslice Ho...

• View comment
• Harinder Bhandari
• October 27, 2020 17:50
• 0 votes

1. Community
2. Using Sumo Logic
3. Subquery affecting the number of record parsed in the main query

Hi Carl, When you run the query within the subquery it generates output as follows using values of the instance field (instancekeyword1 OR instancekeyword2 or instancekeyword3 or instancekeyword4 …...

• View comment
• Harinder Bhandari
• October 20, 2020 20:55
• 0 votes

1. Community
2. Using Sumo Logic
3. Schedule a search on weekdays from previous day 12nn to current day 12 nn

Yes, you should be able to schedule a search running on weekdays at Noon for the last 24 hours. when scheduling a search, you should pick up these options: Run Frequency: DailyEvery: Weekday(Monday...

• View comment
• Harinder Bhandari
• October 20, 2020 18:35
• 0 votes

1. Community
2. Using Sumo Logic
3. Looking for a way to filter columns from messages into Teams using webhook ?

Yes, it can be done in Microsoft Teams also. You have to use customized payload with the payload variable {{Results.fieldname}}: The value is returned from the search result for the specified field...

• View comment
• Harinder Bhandari
• October 05, 2020 15:42
• 0 votes

1. Community
2. Using Sumo Logic
3. Help related to sub-query

You can not extract a field from the subquery to be used as a field. So we need to use the JOIN as explained here  https://help.sumologic.com/05Search/Search-Query-Language/Search-Operators/join

• View comment
• Harinder Bhandari
• August 26, 2020 22:28
• 0 votes