Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

how to remove other values

mkhedr
Explorer
‎07-07-2019 03:35 PM

how to remove other values from this search syntax

index=main sourcetype=access_combined_wcookie productId
| chart count by clientip | iplocation clientip
| geostats count by clientip globallimit=5

Tags (1)
0 Karma
Reply

MuS
SplunkTrust
SplunkTrust
‎07-07-2019 03:50 PM

Hi mkhedr,

the docs of geostats https://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Geostats#Optional_arguments say this:

globallimit 
Syntax: globallimit=<int> 
Description: Controls the number of named categories to add to each pie chart. There is one additional category called "OTHER" under which all other split-by values are grouped. Setting globallimit=0 removes all limits and all categories are rendered. Currently the grouping into "OTHER" only works intuitively for count and additive statistics. Default: 10

Run the same search with | geostats count by clientip globallimit=0 and the other group is no longer available.

Hope this helps ...

cheers, MuS

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Forwarders and Forced Time Based Load Balancing

Splunk customers use universal forwarders to collect and send data to Splunk. A universal forwarder can send ...

NEW! Log Views in Splunk Observability Dashboards Gives Context From a Single Page

Today, Splunk Observability releases log views, a new feature for users to add their logs data from Splunk Log ...

Last Chance to Submit Your Paper For BSides Splunk - Deadline is August 12th!

Hello everyone! Don't wait to submit - The deadline is August 12th! We have truly missed the community so ...