Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Compatible commands with Summary Index- Why aren't stats and chart command working?

Poojitha
Path Finder
‎05-25-2022 07:18 AM

Hi All,

I have created a summary index . I am making use of "sistats count by <fields>" to populate all the fields required. And I see those fields as well. 

The issue is - On this index I am trying to use chart command and also stats count(<field>) as test (chart command in one query and stats count in another query) but its not working. There is no results returned. Instead I use stats command and populate data to summary index , both commands are working.

Please let me know why chart and stats command are not working on the summary index that I have created using sistats command . [sichart as well not working]. I am missing some technical information here.

Regards,
PNV

Labels (1)
Labels
0 Karma
Reply

ITWhisperer
SplunkTrust
SplunkTrust
‎05-25-2022 07:55 AM

I may be wrong as I haven't used sistats, although I have used summary indexes. My interpretation of the documentation is that to retrieve the stats from the summary index created by the sistats command, you have to use the exact same command apart from substituting the sistats with stats. Similarly, for sichart and chart. You cannot mix them. Therefore, the reason you are not getting results from your summary index with chart is because they were put there by sistats (not sichart).

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...