Identify Unique events across all fields for diffe... - Splunk Community

Splunk Search

Hi,

Below is my result after doing, xyseries Date_Time,APPROVAL_STATUS,ACT_UW_COUNT

Date_Time	APPROVED	BACK TO SALES	DECLINED	OTHERS
12:46:36	260-199	1-2	18-19	94-0
13:01:35	260-199	1-2	19-20	94-0
13:16:35	260-199	1-2	19-20	94-0
13:31:36	260-199	1-2	19-20	94-0
13:46:36	260-199	1-2	19-20	94-0
14:01:36	260-199	1-2	19-20	94-0
14:16:36	260-199	1-2	19-20	94-0
14:31:36	260-199	1-2	19-20	94-0
14:46:36	260-199	1-2	19-20	94-0
15:01:35	261-199	3-7	19-20	95-0
15:16:36	261-199	3-7	19-20	95-0
15:31:36	261-199	3-7	19-20	95-0
15:46:35	261-199	3-7	19-20	95-0
16:01:36	261-199	3-7	19-20	95-0
16:16:36	261-199	3-7	19-20	95-0
16:31:36	261-199	3-7	19-20	95-0

I want unique records for different approvalstatus w..r.t date_time

expected result

Date_Time	APPROVED	BACK TO SALES	DECLINED	OTHERS
12:46:36	260-199	1-2	18-19	94-0
15:01:35	261-199	3-7	19-20	95-0

...
| stats first(*) as * by APPROVED

Why don't you try stats first() ?

Get Updates on the Splunk Community!

How to Get Started with Splunk Data Management Pipeline Builders (Edge Processor & ...

If you want to gain full control over your growing data volumes, check out Splunk’s Data Management pipeline ...

Out of the Box to Up And Running - Streamlined Observability for Your Cloud ...

Tech Talk Streamlined Observability for Your Cloud Environment Register Out of the Box to Up And Running ...

Splunk Smartness with Brandon Sternfield | Episode 3

Hello and welcome to another episode of "Splunk Smartness," the interview series where we explore the power of ...