You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

OMC HOW-TO: extracting additional time/date fields in log analytics

Received Response
30
Views
4
Comments
edited Sep 27, 2018 7:03PM in Observability & Management 4 comments

Summary

Log analytics already handles extracting log entry time, but sometimes there are other time/date elements you want to extract and analyze.

Content

Background

Some log entries will have a log entry time, but will also have the start and end time of a process or transaction that you may want to capture into their own fields. After capturing the start and end time into their own fields, you can use query language eval functions to perform date manipulation on these fields for instance to get the duration between the two times. This document only applies to a single log entry have the additional time/date fields. If you are trying to connect separate log entries by some grouped field, look into the Link feature

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!