I need to aggregate the values found in the Apache weblogs. First I need to parse out several fields. I can get these fields parsed out. But now I need to aggregate the counts of these fields. For example, the number of elements requested per client over a selected time range. So I need to count all the elements for each client and display them in a graph. And also show in descending order the clients that requested an element. Is this doable? If so, what components do I use?
Yes. This is very doable.
I would recommend checking out the following search commands to get started:
- stats
- chart
- timechart
If you are pretty new to Splunk, check out How search commands work and go from there. There is also a basic search tutorial that is very helpful in walking through basic commands too.
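A search along the lines the answer points to, added here as an example and not part of the original reply. It assumes the events use the `access_combined` sourcetype with the `clientip` and `uri_path` fields extracted; substitute your own sourcetype and field names if you parsed the fields yourself.

```spl
sourcetype=access_combined earliest=-24h@h latest=now
| stats count AS requests, dc(uri_path) AS distinct_elements BY clientip
| sort 0 -requests
```

For a graph over time instead of a ranked table, replace the last two lines with `| timechart span=1h count BY clientip` and pick a column or line chart in the Visualization tab.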
