Re: I want to create the table in Splunk for last ...

ramkyreddy · ‎11-17-2023

TC Execution Summary for Last Quarter

No. of job runs	AUS	JER	IND	ASI
August	150	121	110	200
Sept	200	140	150	220
Oct	100	160	130	420

I want to write a query for the above table

ramkyreddy · ‎11-21-2023

This is my raw data, I have to calculate the last 3 months executions

date month	countries	Jobs type
November	AUS	Execution
October	JER	Execution
September	IND	Execution
August	ASI	Execution

yuanliu · ‎11-21-2023

Suppose that is raw data, and suppose the table in your original post is desired result - illustrate again if that's not the case, can you describe the logic to obtain that table from this table? Also, can you post the output of the chart command that I proposed (replacing "month" with "date month" if that's the correct field name), and tell us why that output is not desired? Post both the actual search and actual results in text (anonymize as needed).

yuanliu · ‎11-17-2023

As far as I know, no volunteer here possesses mind-reading superpower. If you want concrete help, illustrate (in text) relevant data input (anonymize as needed but preserver key characteristics), illustrate (in text) desired output - you already did, then explain the logic to arrive at result from input.

If you have a field called "month" with values "August", "Sept", "Oct", and have a field named country with values "AUS", "JER", "IND", "ASI", this search will give you a semblance of what you illustrated.

| chart count over month by country

ramkyreddy · ‎12-19-2023

Thanks for your support its worked for me.

I want to create the table in Splunk for last 3 months

count

stats

table

Splunk Mobile: Your Brand-New Home Screen

Introducing Value Insights (Beta): Understand the Business Impact your organization ...

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

Are you a member of the Splunk Community?