Hi,
I've seen it several times but don't know the difference and when to use == instead of = .
Like in these samples from the docs:
| eval description=case(status == 200, "OK", status ==4...
...ound((enable / total ) * 100 , 0) . " %" | reverse | table _time percentage above spl show percentage week over week I want to show anther column show percentage different between l...
Hello,
I can see in many Use Cases examples that tokens are using alternately in drill down searches: $user$ and user=$user$ In both cases the user fields is available in SPLand log f...
I have two events with start and end process and i need to calculate the time difference between the start process and end process of id but the fields are not configured, The data is l...
...ercent as "%" Wich give me this result. I also need to group it by 10m time range and calculate the difference in percents between 2 previous time ranges for every line. Help me figure o...
I've been using tstats for most of the use cases that metasearch covers, and so I'm interested in what metasearch can do that tstats can't. From my reading of the documentation, it seems that m...
Hi,
I am trying to get the execution count based on the parentIDs over two different data sets. Please could you review and suggest ?
I would like to see what's execution count between...
Dears What are the main differencesbetween calculating SPLUNK daily license from the ready-made query located in SPLUNK master (DMC Alert - Total License Usage Near Daily Quota) And from using b...
...M
I would like to calculate the difference between them to calculate how much daylight we are getting each day.
I first use the strptime command to convert the sunrise and sunset values into a epoch t...
Hello I have this SPL which returns like 40 000 records when run alone however when it's appended to another SPL which is similar except with different Report ID and monitored commands. The record o...