Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Top by a value inside the query

timbCFCA
Path Finder
‎09-24-2010 08:14 PM

Within each record in a query I have two fields, c_ip and cs_bytes which is numeric. How can I get the top 10 c_ip values for the highest sum total of the cs_bytes field? The direction I've tried is a stats sum(cs_bytes) by c_ip.

Tags (1)
Reply
1 Solution
Solved! Jump to solution
Solution

Stephen_Sorkin
Splunk Employee
Splunk Employee
‎09-24-2010 08:32 PM

You can search:

... | stats sum(cs_bytes) as bytes by c_ip | sort - bytes | head 10

View solution in original post

Reply
Solved! Jump to solution
Solution

Stephen_Sorkin
Splunk Employee
Splunk Employee
‎09-24-2010 08:32 PM

You can search:

... | stats sum(cs_bytes) as bytes by c_ip | sort - bytes | head 10
Reply
Get Updates on the Splunk Community!

What's New in Splunk Observability - October 2025

What’s New?  We’re excited to announce the latest enhancements to Splunk Observability Cloud and share what’s ...

🌟 From Audit Chaos to Clarity: Welcoming Audit Trail v2

🗣 You Spoke, We Listened Audit Trail v2 wasn’t written in isolation—it was shaped by your voices. In ...

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

 Prepare to elevate your security operations with the powerful upgrade to Splunk Enterprise Security 8.x! This ...