Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
11 results
Sorted by:
01-20-2011
11:36 PM
1 Karma
Hey folks, I have a hopefully silly question about the stdev(), sum(), var() etc... functions within the stats command. I have an example below where stats sum() are display then another which d...
- Tags:
- statistics
- stats
01-26-2016
10:48 AM
I'm attempting to build a status dashboard for my prod server farm, and would like to have colored graphics representing the status of a server based on certain criteria (Percentage remaining free di...
06-29-2018
12:43 AM
...ppendcols search?
index=xxx earliest=-7d@d latest=-0d@d | eval Date1 = (date_year + "-" + date_month + "-" + date_mday)
| stats count AS SearchThisWeek by Date1
| appendcols [ search index=x...
08-15-2016
01:29 AM
...ombination with any other statistical function, such as median() , avg() , min() , etc. But it just doesn't work on its own. I'm using Splunk 6.2.4. Is this a bug or just something I'm not getting?
08-21-2017
11:19 PM
...ounting of the events that were unsuccessful. I would like to do this as compactly in terms of the Splunk query. I am thinking of something like running an eval to establish fail or success from the a...
07-16-2015
03:08 PM
...arliest=-60d
| timechart span=1w
eval(
sum(a)
/
tonumber([search source="vx-fcr.csv" host="vx-contacts" sourcetype="csv-vx-fcr" date_year = 2015 earliest=-60d | stats sum(c...
- Tags:
- percentage
- subsearch
07-27-2017
07:29 AM
Here's what I have below. I'm trying to do unit conversion and the unit trails in the string (ex. 127 KiB). Any ideas as to why the statement won't work?
eval new_max_rx = if(rx_today = "*KiB", "m...
- Tags:
- conditional
- max
01-05-2017
11:38 AM
Hello splunkfans,
i'm kind of running out of ideas and this is my first contact to streamstats. 😕
I am working on a statistic of botnet portscans on my firewalllogs. The goal is based on t...
01-23-2015
05:43 AM
...hart of values Wrg_Status over the time. My search string looks like:
... | eval testLogic=case(
LIKE(stepName,"additional_sub_%") AND stepStatus="PASS", "ADD_PASS",
LIKE(stepName,"w...
04-10-2018
07:18 AM
...ourcetype="new" (CLASS AND "MARK = Low" AND INFO) | CLASS_NO = $CLASS_TOKEN$ |eval VAL = round(VAL,3) | eval info=if(sourcetype="new", VAL,Roll No) | timechart VALUES(info) usenull=false by CLASS_NO
