Solved: Re: Other use cases for fieldsummary?

cee137 · ‎08-26-2020

I'm not sure if there is an answer to this question but as of right now, I'm using fieldsummary to get a better understanding of my data and specific fields in my data. Buuut, that's about where my fieldsummary journey ends. Are there any other interesting ways you use fieldsummary?

to4kawa · ‎08-26-2020

index=_internal "color" earliest=-7d
| fieldsummary
| rename field as names
| search names="color"
| spath input=values {} output=args
| stats values(names) as names by args
| spath input=args
| xyseries names value count

I made this for a trial.

View solution in original post

to4kawa · ‎08-26-2020

index=_internal "color" earliest=-7d
| fieldsummary
| rename field as names
| search names="color"
| spath input=values {} output=args
| stats values(names) as names by args
| spath input=args
| xyseries names value count

I made this for a trial.

cee137 · ‎09-08-2020

Thank you!

Other use cases for fieldsummary?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

Splunk Community Badges!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Join the Conversation