Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Splunk Community
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
4,223 results
Sort by:
05-31-2024
02:02 AM
...ll_Email.action
| `drop_dm_object_name("All_Email")`
| eventstats sum(eval(if(action="quarantined", count, 0))) as quarantined_count_peruser, sum(eval(if(action="delivered", count, 0))) as d...
06-11-2024
07:35 PM
Hello, Is it possible to use eventstats with conditions? For example: I only want to apply eventstats only if field name contains "student-1" | eventstats values(if(match(name,"student-1"), n...
- Tags:
- eventstats
06-11-2024
06:12 PM
Hello, I need help improve efficiency of my search using eventstats. The search worked just fine, but when I applied to large set of data, it took too long. Please suggest. Thank y...
- Tags:
- eventstats
01-17-2018
02:53 AM
1 Karma
I can't comprehend what 'eventstats' is. I went thru the splunk docs. I wanna use math functions like avg.. etc.. not sure whether to use stats avg or eventstats avg !! An example would be a...
- Tags:
- splunk-enterprise
Labels
- Labels:
-
stats
09-20-2023
12:39 AM
...his but im getting 0 results
| stats count by SERVERS
| stats count(SERVERS) by Domain as "Domain_Count"
| eventstats sum(count) as Total_Servers
What can I do ? Thanks
- Tags:
- eventstats
03-07-2024
04:10 AM
...lank. (I probably need to also sort by host, but that's irrelevant to the eventstats issue.) index=iis status=404 uri="*/*.*"
|stats count by host uri
|eventstats max(count) by host as h...
07-08-2013
06:19 PM
5 Karma
Noob question. What is the different between stats and eventstats commands?
- Tags:
- eventstats
- stats
Show results in replies (4)
-
...earch results and save them as values in new fields. Eventstats is similar to the stats command, except t...
-
This blog was really useful for me when attempting to understand streamstats and eventstats. T...
-
...earch-command-stats-eventstats-and-streamstats-2/
-
...paque at times - especially when you get into some of the less common commands like eventstats and s...
11-21-2020
12:02 PM
2 Karma
Hi All I'm new to Splunk and I'm confused between stats eventstats and streamstats. Can anyone help me to understand?
Labels
- Labels:
-
stats
Show results in replies (5)
-
...nd-eventstats-command-in-splunk/. Shortly streamstats calculate over sliding window and eventstats o...
-
https://splunkonbigdata.com/difference-between-streamstats-and-eventstats-command-in-splunk/
-
One addition to streamstats, you could define the window which it use to calculate stats. Also you ...
-
...re passed down the line eventstats adds to the pipeline as a whole - calculated values are based on a...
-
...ncoming result set. eventstats Eventstats calculates a statistical result same as stats command o...
01-17-2023
08:34 AM
...s:azure:accounts" source="rest*User*")
| where match(userPrincipalName,"domain name") or match(userPrincipalName,"domain name")
| eventstats count by id
| eventstats count(eval((source="rest://MSGraph G...
03-26-2018
05:48 PM
I have used below query to get distinct values:
stats values(gitRepo) AS serviceName BY buildNum
This gives correct values. Problem is I am not getting value for other fields. If I used eventstats...
