Splunk search for REST API response time

index=_internal sourcetype=splunkd_access source=*splunkd_access.log
| rex field=_raw "- - - (?<response>\d+)ms"
| rex field=_raw "\"GET\s(?<endpoint>[^\?\d\s]+)"
| stats avg(response) as "Avg Response Time" by endpoint
| sort - "Avg Response Time"
| eval "Avg Response Time"=tostring(round('Avg Response Time',2))."ms"
| rename endpoint as "REST API Endpoint"
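This Splunk search outputs the average response time, in milliseconds, of GET calls to Splunk REST API endpoints, broken out by endpoint. The endpoint is taken from the request path up to the first digit or "?", so requests that differ only in an ID or query string are grouped together.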
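To check the two extractions offline before running the search, the following added example (not part of the original page) applies equivalent regexes to constructed log lines in the layout the search expects. The sample lines, the function name, and the digit-only response capture with the endpoint stopping at whitespace, a digit, or "?" are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample lines (not real logs) in the splunkd_access.log layout
# the search expects: request line in quotes, "- - - <n>ms" at the end.
SAMPLE = [
    '127.0.0.1 - admin [12/Mar/2024:10:15:32.101 +0000] "GET /services/server/info HTTP/1.1" 200 2042 - - - 4ms',
    '127.0.0.1 - admin [12/Mar/2024:10:15:33.250 +0000] "GET /services/server/info HTTP/1.1" 200 2042 - - - 8ms',
    '10.0.0.5 - svc_rest [12/Mar/2024:10:15:34.007 +0000] "GET /services/search/jobs/1710238532.17?output_mode=json HTTP/1.1" 200 9120 - - - 120ms',
    '10.0.0.5 - svc_rest [12/Mar/2024:10:15:35.640 +0000] "GET /services/search/jobs/1710238999.42/results HTTP/1.1" 200 512 - - - 80ms',
    '10.0.0.5 - svc_rest [12/Mar/2024:10:15:36.112 +0000] "POST /services/search/jobs HTTP/1.1" 201 310 - - - 300ms',
    '127.0.0.1 - admin [12/Mar/2024:10:15:37.900 +0000] "GET /servicesNS/nobody/search/saved/searches?count=0 HTTP/1.1" 200 7001 - - - 15ms',
]

# Response time: digits immediately before the trailing "ms".
RESPONSE_RE = re.compile(r"- - - (?P<response>\d+)ms\s*$")
# Endpoint: path after GET, cut at the first whitespace, digit or "?".
ENDPOINT_RE = re.compile(r'"GET\s(?P<endpoint>[^?\d\s]+)')


def avg_response_by_endpoint(lines):
    """Return [(endpoint, avg_ms)] sorted by numeric average, slowest first."""
    totals = defaultdict(lambda: [0, 0])  # endpoint -> [sum_ms, count]
    for line in lines:
        resp = RESPONSE_RE.search(line)
        endp = ENDPOINT_RE.search(line)
        if not (resp and endp):
            # Non-GET or malformed lines get no endpoint value and so
            # fall out of a "stats ... by endpoint" grouping.
            continue
        bucket = totals[endp.group("endpoint")]
        bucket[0] += int(resp.group("response"))
        bucket[1] += 1
    rows = [(ep, round(total / count, 2)) for ep, (total, count) in totals.items()]
    # Sort on the number, before any "ms" suffix is attached for display.
    return sorted(rows, key=lambda row: row[1], reverse=True)


if __name__ == "__main__":
    for endpoint, avg_ms in avg_response_by_endpoint(SAMPLE):
        print(f"{endpoint:45s} {avg_ms}ms")
```

The two job requests collapse into one "/services/search/jobs/" row because the path is cut at the search ID, and the POST line is excluded from every average.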

Category: General Splunk

Tags: rest, Admin
