Solved: Re: Hi, Can i use sum and list command in single q...

deepa_purushoth · ‎11-19-2017

Please advice.
I tried i can able to get the category and categorygroup in list however i cant do sum, but i can show as count.

elliotproebstel · ‎11-20-2017

Yes, you can simply add the stats list() after the sum:

your search| stats sum(Price) AS Total BY Category,CategoryGroup | stats list(CategoryGroup) AS CategoryGroup list(Total) AS Total BY Category

View solution in original post

elliotproebstel · ‎11-20-2017

Yes, you can simply add the stats list() after the sum:

your search| stats sum(Price) AS Total BY Category,CategoryGroup | stats list(CategoryGroup) AS CategoryGroup list(Total) AS Total BY Category

elliotproebstel · ‎11-21-2017

Hi @deepa_purushothaman - thanks for the upvote! If this solution works for you, will you accept it, so that other users can find it if they have the same question?

deepa_purushoth · ‎11-21-2017

Thank you elliotproebstel, this is helpful.

elliotproebstel · ‎11-21-2017

Glad to help!

deepa_purushoth · ‎11-20-2017

Thank you, but this yields me duplicate value in Category. I want to include list command as well to eliminate show as multiple record under each category.

HiroshiSatoh · ‎11-19-2017

Try this!

(your search)|stats sum(Price) as Total by Category,CategoryGroup

Hi, Can i use sum and list command in single query

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Index This | What travels the world but is also stuck in place?

Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data

Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...

Join the Conversation