...ilename
but it seems like I should be using eventstats like
index=logs sourcetype=logs
| eventstats sum(Bytes) as TotalBytes by ip, filename, date_mday, date_month, date_year
| where T...
Hi,
we have 2 configuration files like spg.conf and spg.conf.1162016 and we written perl program to find the difference between these 2 files and perl program is running under cron.
we are s...
...otal. A test search that I'm using to try and figure out where things are getting lost looks like this:
... | table account,usage
|eventstats sum(usage) as total
|eventstats sum(usage) as u...
...rom the header section of the file into the rows.
File #1
\DATA_CATEGORY = "AXA Curve"
\DATA_CATEGORY_DEFINED = "Category of Time Series Data"
\PUBLIC = "Y"
\NUMBER_OF_POINTS = "1090"
C...
I am trying to work out the 99th percentile of some response times and after seeing discrepancies in a couple of search queries I have narrowed it down to the | Stats and | Eventstats command.
M...
I tried to add a simple join onto my search but Splunk throws a 400 error
{"messages":[{"type":"FATAL","text":"Missing or malformed messages.conf stanza for S...
I am having trouble extracting individual events from a csv file with the data formatted in the following way.
I have tried to look for similar answers online, but can't see any that meet my requir...
This is long because I wanted to make sure all the right info was passed along. I've been racking my brain on this for a while and I'm not getting all my results back (maybe because there are so many...