EDI: Transmission errors and retry rates

KPI search example

Another KPI for monitoring the health of EDI transaction systems is the error and retry rates. Unlike transaction requests that lack an acknowledgment, which may not necessarily indicate an error or failure but rather a delay, errors and retries are more definitive. In this case, we specifically look for requests with acknowledgments marked with E for error and R for retries. This indicates that the receiving system has indeed received the request, but errors or retries occurred on their end. Therefore, these situations require immediate attention to ensure that proper orders are issued to the supply chain teams.

A high error rate or frequent retries can indicate underlying issues with the EDI system, such as incorrect formatting, network problems, or data discrepancies. Consistent errors or retries can delay document processing and disrupt supply chain operations.

To calculate the error and retry rates, similar to calculating the success rate, we need to count the total number of requests along with the number of error and retry requests, and then apply a formula to determine the respective rates. This involves aggregating both the total requests and the error/retry events. Using the timechart command, we can generate a statistical trend with the following SPL. The command search edi_ack_status=E OR edi_ack_status=R will filter for EDI requests that have acknowledgments marked with E (Error) or R (Retry).

index=supply_chain_edi sourcetype="edi:x12"
| eval edi_ack_status_combo=edi_code+"-"+edi_code_ack+"-"+edi_ack_status 
| eval edi_code_groupby=if(isnull(edi_code_ack), edi_code, edi_code_ack) 
| stats last(_time) AS _time, last(edi_requestor) AS edi_requestor, last(edi_responder) AS edi_responder, first(edi_code) AS edi_type, values(edi_code) AS edi_code, last(edi_ack_status) AS edi_ack_status BY edi_tr_id edi_code_groupby
| search edi_ack_status=E OR edi_ack_status=R

Similar to calculating the transmission success rate, the error and retry rates can be computed using the eval command by applying a simple ratio formula. To achieve this, we also need to include transactions that have been successfully accepted by applying a search condition, such as | search edi_ack_status=E OR edi_ack_status=R OR edi_ack_status=A, which adds the edi_ack_status=A status. Then, by using the timechart command, we can calculate the trend, followed by the eval command to determine the total transactions and the error_retry_rate to obtain the error and retry rates.

index=supply_chain_edi sourcetype="edi:x12"
| eval edi_ack_status_combo=edi_code+"-"+edi_code_ack+"-"+edi_ack_status 
| eval edi_code_groupby=if(isnull(edi_code_ack), edi_code, edi_code_ack) 
| stats last(_time) AS _time, last(edi_requestor) AS edi_requestor, last(edi_responder) AS edi_responder, first(edi_code) AS edi_type, values(edi_code) ASedi_code, last(edi_ack_status) AS edi_ack_status BY edi_tr_id edi_code_groupby
| search edi_ack_status=E OR edi_ack_status=R OR edi_ack_status=A
| timechart count BY edi_ack_status
| eval total_transactions=A+E+R
| eval error_retry_rate=((E+R)/total_transactions)*100

Use a line graph visualization to clearly show the distribution of the different results over time.

Search explanations

Repeated transmission errors or high retry counts might signal problems with the EDI setup or system integration. These issues could lead to incomplete document transfers, inaccurate order fulfillment, or failed communications between partners.

Next steps

When you have this search running in your Splunk platform, return to the Monitoring electronic data interchange transmission and acknowledgement use case to learn how to share the results with stakeholders and to find other KPIs you might want to measure. You can also review the Solution Accelerator for Supply Chain Optimization for more great use cases to help you use the Splunk platform to be successful in your supply chain operations.