Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
267 results
Sorted by:
03-31-2023
04:32 PM
...nomaly", 1, 0) | eval true_negatives=if(predicted_outlier="normal" AND actual_outlier="normal", 1, 0) | stats sum(true_positives) as TP, sum(false_positives) as FP, sum(false_negatives) as FN, sum(t...
11-10-2022
06:41 AM
...form whose some of the fields to fill should allow users to sort data using multiple inclusions or exclusions to fit what each and every team works with. Solution 1 : By using an EVAL tag in the X...
Labels
- Labels:
-
simple XML
05-26-2021
06:22 PM
...he averages by category together in a stats table, is there an easy way to do this?
03-28-2018
10:57 PM
1 Karma
Hello Community,
I have defined some tags like:
Field=Value --> TAG
OBJECT_TYPE=*_EMS --> EMS
Now I want to use this Tags within my eval statement:
|stats
c...
09-24-2021
02:17 AM
...ndex="myindex" source="/data/logs/log.json" "Calculation Complete"
| stats
| count(eval(MessageBody="*my string")) as My_String
| count(eval(MessageBody="*your string")) as Your_String
| count(eval(M...
01-13-2022
01:49 PM
Good Afternoon, So I've recently been hired on as a Splunk admin/analyst. The scope of my job really relies on my being able to know how to look things up in the search box. I real...
11-19-2019
07:48 AM
The command I am running is:
basesearch | eval number = case ( number = "1" , "Number 1" , number = "2" , "Number 2" , number = "3" , "Number 3" , number = "4" , "Number 4" ) | stats count by n...
11-27-2016
01:37 AM
1 Karma
We use eval command to create new field, and we used this as function ex: |stats count(eval(method="GET")) as get . Can someone explain this example clearly? What is eval doing here?
04-09-2012
02:43 PM
...PECIFIC ERROR EVENT STRING"
| stats count as error_total
| eval user_total = [search "SOME UNIQUE USER LOGIN EVENT STRING" | stats count as search]
| eval percent = (error_total/user_total)*100
| f...
