My web application logs every user action.
(我的Web应用程序记录每个用户操作。)
Every log entry contains the user id, the action (click, double-click etc...), timestamp and a short description.
(每个日志条目都包含用户ID,操作(单击,双击等),时间戳和简短说明。)
The logs for a specific user are stored for a few days, hence I need to aggregate them to a processed report / data.
(特定用户的日志存储了几天,因此我需要将它们聚合到已处理的报告/数据中。)
I want to collect (and eventually display) a specific action (let's say double click) of each user and its description.
(我想收集(并最终显示)每个用户及其描述的特定操作(例如双击)。)
For example, I want a table that gets updated for every log (or a few logs with some delay),
(例如,我想要一个为每个日志(或一些延迟日志)更新的表,)
that aggregates the data of a userId, the timestamp of all of his double clicks, the count of double
(汇总了一个userId的数据,其所有双击的时间戳,double的计数)
clicks and the description for each double click.
(点击次数以及每次双击的说明。)
How can I solve this?
(我该如何解决?)
What tools does splunk offer for something like aggregating log streams that gets removed?
(splunk提供什么工具来处理诸如汇总被删除的日志流之类的事情?)
ask by natdev translate from so
