Tools - Troubleshooting Skills


Splunk

Search syntax
  • key=value AND OR NOT
  • | sort num(ip) desc, -str(url) | sort -value
  • | reverse
  • | top(or rare) limit=5 name
  • | head 5
  • | highlight fa, fb
  • | dedup fa
  • | stats count by method
  • | chart count by method url
  • | timechart span=15m count by url

earliest=“11/5/2017:20:00:00” latest=“11/12/2017:20:00:00”

Show only Certain Fields

| table field

(Not) contains a field

NOT fa=*

See all values in a field

| top a_number SourceName

Interesting Fields
  • Explore and know what values for a field
Events before or after X seconds
  • Show logs around current event
Visualizations Tab

Linux

crash or reboot?

ast -n2 -x shutdown reboot

  • If this reports a SYSTEM_SHUTDOWN followed by a SYSTEM_BOOT, all is well; however, if it reports 2 SYSTEM_BOOT lines in a row, then clearly the system did not shutdown gracefully

host $ip

Write Troubleshooting Friendly Program
  • Name your thread
Posted by at
Labels:

Labels

adsense (5) Algorithm (69) Algorithm Series (35) Android (7) ANT (6) bat (8) Big Data (7) Blogger (14) Bugs (6) Cache (5) Chrome (19) Code Example (29) Code Quality (7) Coding Skills (5) Database (7) Debug (16) Design (5) Dev Tips (63) Eclipse (32) Git (5) Google (33) Guava (7) How to (9) Http Client (8) IDE (7) Interview (88) J2EE (13) J2SE (49) Java (186) JavaScript (27) JSON (7) Learning code (9) Lesson Learned (6) Linux (26) Lucene-Solr (112) Mac (10) Maven (8) Network (9) Nutch2 (18) Performance (9) PowerShell (11) Problem Solving (11) Programmer Skills (6) regex (5) Scala (6) Security (9) Soft Skills (38) Spring (22) System Design (11) Testing (7) Text Mining (14) Tips (17) Tools (24) Troubleshooting (29) UIMA (9) Web Development (19) Windows (21) xml (5)