Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Unable to compare two numerical fields

JustAnotherStud
Engager
‎02-25-2021 05:53 PM

i have two fields that are numerical fields.  when I try a search that says:

 

index="test" AND field1 > field2

 

i get no results when I know that shouldn't be the case.  Any help would be greatly appreciated.

thanks

-JustAnotherStudent

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

ITWhisperer
SplunkTrust
SplunkTrust
‎02-26-2021 12:04 AM 
index="test" | where field1 > field2

View solution in original post

Reply
Solved! Jump to solution

JustAnotherStud
Engager
‎02-26-2021 04:48 PM

Thank you for the assistance 

0 Karma
Reply
Solved! Jump to solution
Solution

ITWhisperer
SplunkTrust
SplunkTrust
‎02-26-2021 12:04 AM 
index="test" | where field1 > field2
Reply
Get Updates on the Splunk Community!

Combine Multiline Logs into a Single Event with SOCK - a Guide for Advanced Users

This article is the continuation of the “Combine multiline logs into a single event with SOCK - a step-by-step ...

Everything Community at .conf24!

You may have seen mention of the .conf Community Zone 'round these parts and found yourself wondering what ...

Index This | I’m short for "configuration file.” What am I?

May 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with a Special ...