Solved: How to use an additional conditional with the top ...

okug · ‎03-18-2015

Hi,

I have questions about the top command.

First one is pretty simple.
How I can add sequential number column in top result table?

2nd one is.
Is there any way to use an additional conditional to top command? I want to do something like:
top limit=30 and percent > 1 ....
top limit=50 and count >= 10 ....

Thanks!

satishsdange · ‎03-18-2015

| top limit=30 xxx | where count > 10

View solution in original post

pradeepkumarg · ‎03-18-2015

Try this..

| top limit=30 | eval s_no =1 | accum s_no
| top limit=30 | where percent > 1
| top limit=30 | where count >= 10

satishsdange · ‎03-18-2015

| top limit=30 xxx | where count > 10

okug · ‎03-18-2015

Great! Thanks!!
Any idea for 1st question?

ppablo · ‎03-18-2015

Hi @okug

Try and see if the answer on this post can help answer your 1st question.
http://answers.splunk.com/answers/216542/how-to-add-a-first-column-to-number-each-row-in-a.html

okug · ‎04-10-2015

Thanks!

top limit=30 foo| where percent >= 1 | streamstats count as row | fields row,foo,count,percent

worked.

ppablo · ‎04-14-2015

Hi @okug

Great 🙂 glad it worked!

How to use an additional conditional with the top command (ex: count > 10) and add a sequential number column to the table?

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!