Hi. I am new to Splunk. I want to create a Pie Chart that consists of a particular type of event as a percentage of all events.
For example, all events that contain the word Linux, i would like to represent as a percentage of total events.
What would the search query be for this?
Thank you.
Pie charts only require two fields: a category and a count.
E.g.:
*
| eval os=if(like(_raw, "%Linux%"), "Linux", "Other")
| stats count by os
Pie charts only require two fields: a category and a count.
E.g.:
*
| eval os=if(like(_raw, "%Linux%"), "Linux", "Other")
| stats count by os
Super. Thank you.