Solved: Re: Can you help me count the following two files?

logloganathan · ‎11-29-2018

Hi, i have two files

| inputlookup ABC | stat count 
 result=10

| inputlookup XYZ | stat count 
result=20

i want to get results as 30 by adding these two files

493669 · ‎11-29-2018

Like this-

|inputlookup ABC|stats count|append[|inputlookup XYZ|stats count]|stats sum(count) as count

View solution in original post

493669 · ‎11-29-2018

Like this-

|inputlookup ABC|stats count|append[|inputlookup XYZ|stats count]|stats sum(count) as count

sideview · ‎08-20-2019

A minor comment for you - this works great but inputlookup actually has its own append=t argument that you can use. And in this case it's better to use it, than to rely on the append command because append hits failsafe at 50,000 rows where it would truncate.

So long story short you can just do:
| inputlookup ABC | inputlookup XYZ append=t | stats count

logloganathan · ‎11-29-2018

wow its working...wonderful answer

logloganathan · ‎11-29-2018

Please move to answer

grantsmiley · ‎11-29-2018

This work

(search1) OR (search2) |inputlookup ABC |inputlookup XYZ |stats count

logloganathan · ‎11-29-2018

thanks for your response but it not working

Can you help me count the following two files?

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

Splunk APM: New Product Features + Community Office Hours Recap!

Index This | Forward, I’m heavy; backward, I’m not. What am I?