Search in Connec! logs using Splunk or Sumologic

Search examples

To track the synchronisation of an account, you can filter on any of the following identifiers:

  • channel_id=org-xxxx, a unique identifier in Connec! that corresponds to the company/entity/organisation of the end-user (can be found in active_admin)
  • group_id=cld-xxxx, a unique identifier in Connec! that corresponds to the application of the end-user (can be found in active_admin)
  • realm_id=!5vgcC, a unique identifier in the application that corresponds to the company/account of the end-user in the application (can be found in the application, or provided by the application's support team)


Find when the synchronisation of an application ended

"group_id=cld-8yh4" "finished synchronizing"


Look for a specific invoice imported

"group_id=cld-8yh4" "entity=Invoice" "ce5080b6-050e-460b-81d3-80940a9b9d77"


Find all connector disconnections over a period in Sumologic

(Mnohub Alert) AND _sourceName="/apps/mnohub/shared/log/production.log" | parse "app_instance=\"*\"" as group_id


Find the last fetched QuickBooks version of an invoice in Splunk

"Updating QB" "\"EntityType\"=>\"Invoice\"" "\"Description\"" entity_hash | rex field=_raw "\"sparse\"=>false, \"Id\"=>\"(?<invoice_id>\d+)\"" | stats latest(entity_hash) by channel_id, invoice_id
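The search above, emulated offline as an added example (not part of the original page or of Connec! itself): it applies the same search terms and rex pattern to constructed log lines and keeps the most recent entity_hash per channel_id and invoice_id. The log line layout, the sample values and the helper name latest_invoice_versions are assumptions made for illustration.

```ruby
# Constructed sample lines, oldest first. The layout (timestamp, key=value
# pairs, then entity_hash=<Ruby hash inspect output>) is an assumption.
SAMPLE_LOG = <<~'LOG'.lines.map(&:chomp)
  2024-05-01T10:00:00Z channel_id=org-aaaa group_id=cld-8yh4 Updating QB entity_hash={"EntityType"=>"Invoice", "sparse"=>false, "Id"=>"148", "Description"=>"Consulting"}
  2024-05-01T10:05:00Z channel_id=org-aaaa group_id=cld-8yh4 Updating QB entity_hash={"EntityType"=>"Invoice", "sparse"=>false, "Id"=>"148", "Description"=>"Consulting (revised)"}
  2024-05-01T10:06:00Z channel_id=org-bbbb group_id=cld-9zz1 Updating QB entity_hash={"EntityType"=>"Invoice", "sparse"=>false, "Id"=>"148", "Description"=>"Hosting"}
  2024-05-01T10:07:00Z channel_id=org-aaaa group_id=cld-8yh4 Updating QB entity_hash={"EntityType"=>"Invoice", "sparse"=>true, "Id"=>"149", "Description"=>"Partial"}
  2024-05-01T10:08:00Z channel_id=org-aaaa group_id=cld-8yh4 Updating QB entity_hash={"EntityType"=>"Customer", "sparse"=>false, "Id"=>"7", "Description"=>"Acme"}
LOG

# Search terms from the query; term matching is approximated with substring checks.
TERMS = ['Updating QB', '"EntityType"=>"Invoice"', '"Description"', 'entity_hash'].freeze

# The rex pattern from the query, with the SPL string escaping of quotes removed.
INVOICE_ID = /"sparse"=>false, "Id"=>"(?<invoice_id>\d+)"/

# Assumed layout of the channel_id and entity_hash fields in a log line.
FIELDS = /channel_id=(?<channel_id>\S+).*entity_hash=(?<entity_hash>\{.*\})/

# Returns { [channel_id, invoice_id] => most recent entity_hash }.
def latest_invoice_versions(lines)
  lines.each_with_object({}) do |line, latest|
    next unless TERMS.all? { |term| line.include?(term) }

    id = INVOICE_ID.match(line)
    fields = FIELDS.match(line)
    # An event with no invoice_id (e.g. "sparse"=>true) has no by-field
    # value, so it is left out of the grouping.
    next unless id && fields

    # Lines are oldest first, so a later line overwrites an earlier one.
    latest[[fields[:channel_id], id[:invoice_id]]] = fields[:entity_hash]
  end
end

if __FILE__ == $PROGRAM_NAME
  latest_invoice_versions(SAMPLE_LOG).each do |(channel, invoice), hash|
    puts "#{channel} invoice=#{invoice} #{hash}"
  end
end
```

Invoice 148 appears under two channels and is reported once per channel, which is why the search groups by channel_id as well as invoice_id.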


Find the last QuickBooks invoice update request per channel and invoice id in Splunk

"Sending POST request to url=https://quickbooks.api.intuit.com/v3/company/*/invoice" | spath input=request_body path=Id output=invoice_id | stats latest(request_body) by channel_id, invoice_id


Find slow Connec! requests in Splunk

index="*" source="/apps/connec/current/log/uat.log" "Completed * OK in" | rex "Completed .* OK in (?<responsetime>\d+)ms" | search responsetime > 20000


Extract a field from a Xero API response (e.g. extract JournalNumber for a specific Account) in Splunk

"entity=Journal" "\"AccountID\"=>\"306b1c8d-c46d-4abe-8d70-78d7c51ec40f\"" | rex field=_raw "\"JournalNumber\"=>(?<journal_number>\d*)"