Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
100 results
Sorted by:
11-02-2020
05:47 PM
...ther query | mstats prestats=true avg(load.*) WHERE (`sai_metrics_indexes`) AND host=lalalala by host span=1m | timechart span=1m avg(load.longterm) AS Longterm by host which also works perfectly N...
Labels
- Labels:
-
subsearch
06-28-2018
06:57 AM
Is there a way to use the improved mstats syntax introduced in 7.1 (changes described here) with metrics that have spaces in their names? I'm getting an error "Term based search is not supported" w...
10-11-2018
09:02 AM
I am not able to get the latest (or earliest) _time values using mstats.
| mstats sum(bytes) latest(_time)
where index=metrics_app_dest_survey by app_name
is returning:
10-17-2019
08:29 AM
I know that events and metrics use different index types. Does that mean I can't create an alert (outside of metrics workspace) using an SPL search with mstats?
E.g., I am pumping collectd uptime i...
01-12-2021
02:30 PM
...oin works one of the fields - "Uptime_seconds" - in the initial search generates becomes empty. My initial query is: | mstats latest(System.System_Up_Time) as Uptime_seconds latest(Processor.%_...
Labels
- Labels:
-
join
-
search job inspector
Show results in replies (3)
-
I wondered if it was related to the data from an mstats call. You could try using append with t...
-
...ppend and stats functions instead: | mstats latest(System.System_Up_Time) as Uptime_seconds l...
-
...he mstats as the subsearch and the standard search as the outer - it would be interesting to see if o...
11-21-2017
04:19 PM
I know that I can combine multiple metrics using mstats as:
| mstats avg(_value) AS "Average" WHERE metric_name=metric_name* span=1m by metric_name, host
this would create a row per m...
08-05-2019
04:30 AM
...etric2, ...., metricN, host
At the moment it is in the form:
_time, metric_name, host
I extract it with the following search:
| mstats avg(_value) WHERE index=os-unix-nmon-metrics AND m...
03-12-2019
02:34 AM
...hoose ITSI module for Influxdata Telegraf (OS)/OS-Hosts entity import linux
It says: No or insufficient data found.
I try search manually:
| mstats latest(_value) as value where `t...
a month ago
09-09-2020
06:29 AM
...tats command, I could add eval to calculate this, but with mstats this fails Working query without conversion | mstats avg(_value) prestats=t WHERE index=em_metrics AND metric_name="M...
