Splunk Search
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- Re: How to use an additional conditional with the ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
okug
New Member
03-18-2015
07:13 AM
Hi,
I have questions about the top command.
First one is pretty simple.
How I can add sequential number column in top result table?
2nd one is.
Is there any way to use an additional conditional to top command? I want to do something like:
top limit=30 and percent > 1 ....
top limit=50 and count >= 10 ....
Thanks!
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
satishsdange
Builder
03-18-2015
07:15 AM
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
pradeepkumarg
Influencer
03-18-2015
01:11 PM
Try this..
| top limit=30 | eval s_no =1 | accum s_no | top limit=30 | where percent > 1 | top limit=30 | where count >= 10
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
satishsdange
Builder
03-18-2015
07:15 AM
| top limit=30 xxx | where count > 10
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
okug
New Member
03-18-2015
01:04 PM
Great! Thanks!!
Any idea for 1st question?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ppablo
Retired
03-18-2015
04:27 PM
Hi @okug
Try and see if the answer on this post can help answer your 1st question.
http://answers.splunk.com/answers/216542/how-to-add-a-first-column-to-number-each-row-in-a.html
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
okug
New Member
04-10-2015
10:19 AM
Thanks!
top limit=30 foo| where percent >= 1 | streamstats count as row | fields row,foo,count,percent
worked.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ppablo
Retired
04-14-2015
05:43 PM
Hi @okug
Great 🙂 glad it worked!
Get Updates on the Splunk Community!
Aligning Observability Costs with Business Value: Practical Strategies
Join us for an engaging Tech Talk on Aligning Observability Costs with Business Value: Practical ...
Mastering Data Pipelines: Unlocking Value with Splunk
In today's AI-driven world, organizations must balance the challenges of managing the explosion of data with ...
Splunk Up Your Game: Why It's Time to Embrace Python 3.9+ and OpenSSL 3.0
Did you know that for Splunk Enterprise 9.4, Python 3.9 is the default interpreter? This shift is not just a ...
