Hi,
I have the following JSON String logs. I would like to extract JSON unique field values. It should go over all the message fields and extract specific field values from a JSON array("name") and unique them. Could someone help with Splunk query?
Raw log
{ "@timestamp": "2022-03-28T07:38:45.123+00:00", "message": "request - {\"metrics\":[{\"name\":\"m1\",\"downsample\":\"sum\"},{\"name\":\"m2\",\"downsample\":\"sum\"},{\"name\":\"m1\",\"downsample\":\"sum\"}]}" }
JSON
{ "metrics": [{ "name": "m1", "aggregator": "sum", }, { "name": "m2", "downsample": "sum" }, { "name": "m1", "downsample": "sum" }] }
Expected Output:
m1 m2 ...
... View more