Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Splunk Search
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Splunk Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- How to group by a by Title?
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
mogoj
Engager
04-27-2018
12:43 AM
Hi guys!!
I have this search:
index=temp sourcetype=sdc cs_host="*mto.ree.*" WT_dl=0 NOT (cs_uri_stem ="*/es-es/paginas/inicio.aspx" OR cs_uri_stem =*/results.aspx* OR cs_uri_stem =*/_layouts/* OR cs_uri_stem =*/_catalogs/* OR cs_uri_stem =/personal* )
| fillnull value="Sin Título" WT_ti
| top limit=0 WT_ti, cs_uri_stem,WT_device
| eval WT_ti= urldecode(WT_ti)
| eval percent = round(percent,2)
| eval Escritorio= if(WT_device=="Escritorio",count,0)
| eval iPhone= if(WT_device=="IPhone",count,0)
| eval iPad= if(WT_device=="IPad",count,0)
| eval Otros= if(WT_device=="Linux",count,0)
| eval WT_ti = if (WT_ti== "Mi perfil - Noticias", "Mi perfil - Novedades",WT_ti )
| rename WT_ti as Titulo,cs_uri_stem as URL, count as "Paginas_Vista", percent as "Porcentaje_%"
| search Titulo=Comunidades
Attach an image of results, my problem, I need not show de Column WT_device and show the results in a single line. It's possible?
Thanks for you time!!
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
TISKAR
Builder
04-28-2018
02:51 PM
@mogoj , Can you add this please:
| stats sum(*) as * by Titulo URL
Search compet:
index=temp sourcetype=sdc cs_host="*mto.ree.*" WT_dl=0 NOT (cs_uri_stem ="*/es-es/paginas/inicio.aspx" OR cs_uri_stem =*/results.aspx* OR cs_uri_stem =*/_layouts/* OR cs_uri_stem =*/_catalogs/* OR cs_uri_stem =/personal* )
| fillnull value="Sin Título" WT_ti
| top limit=0 WT_ti, cs_uri_stem,WT_device
| eval WT_ti= urldecode(WT_ti)
| eval percent = round(percent,2)
| eval Escritorio= if(WT_device=="Escritorio",count,0)
| eval iPhone= if(WT_device=="IPhone",count,0)
| eval iPad= if(WT_device=="IPad",count,0)
| eval Otros= if(WT_device=="Linux",count,0)
| eval WT_ti = if (WT_ti== "Mi perfil - Noticias", "Mi perfil - Novedades",WT_ti )
| rename WT_ti as Titulo,cs_uri_stem as URL, count as "Paginas_Vista", percent as "Porcentaje_%"
| search Titulo=Comunidades
| stats sum(*) as * by Titulo URL
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
TISKAR
Builder
04-28-2018
02:51 PM
@mogoj , Can you add this please:
| stats sum(*) as * by Titulo URL
Search compet:
index=temp sourcetype=sdc cs_host="*mto.ree.*" WT_dl=0 NOT (cs_uri_stem ="*/es-es/paginas/inicio.aspx" OR cs_uri_stem =*/results.aspx* OR cs_uri_stem =*/_layouts/* OR cs_uri_stem =*/_catalogs/* OR cs_uri_stem =/personal* )
| fillnull value="Sin Título" WT_ti
| top limit=0 WT_ti, cs_uri_stem,WT_device
| eval WT_ti= urldecode(WT_ti)
| eval percent = round(percent,2)
| eval Escritorio= if(WT_device=="Escritorio",count,0)
| eval iPhone= if(WT_device=="IPhone",count,0)
| eval iPad= if(WT_device=="IPad",count,0)
| eval Otros= if(WT_device=="Linux",count,0)
| eval WT_ti = if (WT_ti== "Mi perfil - Noticias", "Mi perfil - Novedades",WT_ti )
| rename WT_ti as Titulo,cs_uri_stem as URL, count as "Paginas_Vista", percent as "Porcentaje_%"
| search Titulo=Comunidades
| stats sum(*) as * by Titulo URL
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
mogoj
Engager
04-30-2018
01:49 AM
Thanks!!!!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FrankVl
Ultra Champion
04-27-2018
04:25 AM
Can you perhaps sketch the desired result (e.g. in excel or so)? I don't entirely follow what you are looking for.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
mogoj
Engager
04-28-2018
08:57 AM
Hi Frank,
I have this-->
Titulo URL WT_device Paginas Vista Porcertanje Escritorio Otros Ipad iPhone
Comunidades Paginas/default.aspx Escritorio 28 8,02 28 0 0 0
Comunidades Paginas/default.aspx iPhone 2 0,57 0 0 0 2
Comunidades Paginas/default.aspx iPad 2 0,57 0 0 2 0
And i Like this-->
Titulo URL Paginas Vista Porcentaje Escritorio Otros Ipad iPhone
Comunidades Paginas/default.aspx 32 9,16 28 0 2 2
Get Updates on the Splunk Community!
Database Performance Sidebar Panel Now on APM Database Query Performance & Service ...
We’ve streamlined the troubleshooting experience for database-related service issues by adding a database ...
IM Landing Page Filter - Now Available
We’ve added the capability for you to filter across the summary details on the main Infrastructure Monitoring ...
Dynamic Links from Alerts to IM Navigators - New in Observability Cloud
Splunk continues to improve the troubleshooting experience in Observability Cloud with this latest enhancement ...
