Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Splunk Community
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
170 results
Sort by:
01-06-2017
09:04 AM
3 Karma
...omputing capability: being able to compute intermediary statistics on separate nodes (e.g. map-reduce). It sounds like stats and other transforming commands really only run on the search head . . . meaning the...
05-26-2021
06:22 PM
...averages by category together in a stats table, is there an easy way to do this?
09-11-2013
05:07 AM
Hi all,
When I use query : mysearch | stats avg(X)
It is supposed that the result is the average value of field X in the time range choosed.
But it is not give the proper result, I check i...
09-19-2023
12:23 AM
1 Karma
Hi,
I would like to know the difference between version 1 and version 2 of the stats command.
Thank you
Kind regards
Marta
- Tags:
- splunk search
Labels
- Labels:
-
stats
01-24-2025
02:19 PM
Hello, I am building a splunk app , where I want to have my own custom aggregate function for stats command. Below is my use case let say.
| makeresults count=10
| eval event_count=r...
Labels
- Labels:
-
stats
05-11-2018
09:00 AM
...echnology but I would prefer to have all in one.
The number of rows will vary from 1 to however many technologies are in use for a system. eval doesn't support stats functions or this would be v...
05-04-2016
10:13 AM
1 Karma
I want to list about 10 unique values of a certain field in a stats command. I cannot figure out how to do this. I figured stats values() would work, and it does... but I'm getting hundred of t...
03-27-2020
06:51 AM
...eed are in the screenshot below:
I was able to use xyseries with below command to generate output with identifier and all the Solution and Applied columns for each status. However now I want a...
- Tags:
- splunk-enterprise
Labels
- Labels:
-
lookup
06-23-2022
03:24 PM
...otal field within the denominator of my eval command. Any suggestions on how to append this? index=ABC sourcetype="ABC" "EVNT=SWIendcall" |stats count by OUTCOME | addtotals row=f col=t...
Labels
- Labels:
-
eval
06-24-2022
09:25 PM
hello
I triy to add a condition in my eval command
| stats sum(eval(retrans_bytes)) as retrans by site
So I need to do something like this but it doesnt works
&n...
- Tags:
- other
