Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Splunk Community
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
11,225 results
Sort by:
07-16-2024
05:17 AM
...imechart, for some reason the timechart looks completly different when I sort the fields befor. this is the basic search and it's results: |tstats count WHERE case=test responseCode=200 r...
Labels
- Labels:
-
timechart
05-30-2024
02:53 PM
I would like to visualize using the Single Value visualization with and Trellis Layout and sort panels by the value of the latest field in the BY clause. I can follow the timechart with a t...
Labels
- Labels:
-
single value
-
timechart
-
trellis layout
Show results in replies (7)
-
...rder on the second transpose - however it does require that you know the sort column number - a...
-
These all sort by field value of the last time value of the timechart, they are not sorting by n...
-
...olutions I have seen have the effect of sorting the resulting | timechart fields by name rather than b...
-
...echniques. 1. Uses a token in a base search to define the sort order as a token ($sort_order$) - t...
-
...ranspose |sort - "row 5" ```uses values from the last row (latest time) ``` |transpose header_field="c...
-
I re-implemented your solutions and found #2 sorted by name. Your solution #3 does i...
-
Number 2 does not do sorting in the table itself, that is simply used as the base search in the d...
05-27-2025
03:13 AM
...ssue is in the output the month field is not chronologically sorted instead it is alphabetical. I intend to sort it chronologically. I tried with the below query as well to achieve the desired output b...
Labels
- Labels:
-
field extraction
-
stats
-
timechart
-
tstats
04-06-2023
05:05 AM
Hello,
thank you in advance for your feedback.
I would like to sort the date so that my graph is coherent, can you please help me?
| tstats summariesonly=t allow_old_summaries=t c...
- Tags:
- sort
Show results in replies (4)
-
Hi @numeroinconnu12 , to sort a date you have to transform them in epochtime, so, to sort...
-
Hi @numeroinconnu12 , good for you, see next time! Ciao and happy splunking Giuseppe ...
-
You did well to convert the Date field to epoch form before sorting. However, the stats c...
-
it's work, thank you @gcusello 🙂
07-24-2023
05:20 PM
...tem\":\"disk2\", \"size\":1099511627776, \"size_pretty\":\"1 TB\"}]"
| table item size size_pretty Now when you sort by "size" the table works as expected (2GB is smaller than 1TB). W...
Labels
- Labels:
-
dashboard
Show results in replies (5)
-
...he drilldown, i'd like to control the sort behaviour
-
...ieldformat size=size_pretty Basically, size shows the size_pretty value but the sort uses t...
-
...nderstand that it doesn't affect the underlying data, just the display of - So the sort works p...
-
I'm not sure if it's possible to sort by a different column. However...there is a way to display t...
-
Hi @lindonmorris Yeah, it would not meet your second requirement to sort on the s...
04-20-2022
08:58 AM
I am currently using a bar chart visualization but I need to sort the bars by descending order. I can't use a simple chart count by EVNTSEVCAT | sort -count because the SEVCAT f...
Labels
- Labels:
-
panel
-
simple XML
Show results in replies (4)
-
| transpose 0 header_field=cat column_name=cat | sort 0 - "row 1" | transpose 0 header_field=cat c...
-
Do you mean sort the names in descending order or the values in descending order?
-
...ATI) sum(CATII) sum(CATIII) 7 141 3 I want the bar chart to sort it out in d...
-
...ATII) sum(CATIII) | transpose | sort - "row 1" -Marco
01-06-2025
11:27 PM
Dear All, Kindly suggest , How to sort data in stats command output as per event time . Example: Requirement : VPN login details as per source user In last one hour. SPL Query : i...
Labels
- Labels:
-
using Splunk Enterprise
07-09-2012
12:22 PM
3 Karma
...licked on the Time header in the table, the column is still not sorted. I am wondering if anyone can shed some light on this? Thank you!
| bucket _time span=60m | eval Time=strftime(_time, "%m/%d %H...
- Tags:
- search-language
- sort
Show results in replies (4)
-
Your syntax is a little off. Have a look at sort's syntax here: http://docs.splunk.com/D...
-
If you are trying to sort by the extracted timestamp, then _time is what you want to use i.e....
-
Hi there, this answer isn't working for me. Here's the query I'm typing: name@email.com | sort...
-
...ith space and without space after minus): | sort -Time | sort -_time Whatever I do it just i...
02-21-2024
02:18 PM
Hello, I don't know how to simulate this using makeresults, but I have data over 10,000 (let say 50,000) If I sort descending using "| sort - 0 Score", it will only give me 10,000 rows, but I u...
