Hi,
I am a newbie in Splunk. I have to write a splunk query to get the status_code count for error(status range 300 and above) and success(status range 200-299) by host.
This is my current search(24 hrs) but unfortunately return 0 result except for host list displayed
index=xxxx host=* status=*
| stats count(status>=300) as "Error",
count(status<299) as "OK" by host
Expected result:
Host | Error | OK
----------------------------------------
xxxx | 23 | 1
