Is there a function such as max()/min() in Splunk, so that I can find the 3rd/Nth largest value from a field? For example: Field: 1 2 3 4 5 6 Output: function(Field)=4
Thanks Jay
hi how can we get a colums fileds into row where it is in below format
_Time Scotter delivery Flight dliver Train deliver Count
and i need in
01-2018 Scotter 1560
i need month wise used transport mode
I believe you can use mvindex() function to return the Nth element.
before using that, I should do sort first, right? Is there anyway that I can get Nth lagest value without the sort.
Jay
