×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
jebabin
Engager
Member since: ‎02-27-2014
‎06-05-2020
Community Statistics
Posts 6
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎02-27-2014
Activity Feed
View All

Re: Null Search Swapper

by in Splunk Search
‎03-09-2017 11:22 AM
‎03-09-2017 11:22 AM
@jababin...Glad that it worked 🙂 ... View more

Re: How to combine the stats sum() and top functio...

by in Splunk Search
‎05-10-2016 11:12 AM
2 Karma
‎05-10-2016 11:12 AM
2 Karma
Easy peasy yoursearchhere | stats sum(bytes) as totalBytes by Client, Server | sort 10 -totalBytes will return a list of the "top 10" Client-Server combinations based on the sum. If you want the top 5 plus "other", try this yoursearchhere | stats sum(bytes) as totalBytes by Client, Server | eventstats sum(totalBytes) as grandTotal | sort 5 -totalBytes | appendpipe [ stats sum(totalBytes) as top5 avg(grandTotal) as grandTotal | eval Client="Other" | eval Server="Other" | eval totalBytes = grandTotal - top5 ] | eval percent = round(totalBytes*100/grandTotal,1) | fields - top5 grandTotal Add the "Other" is clearly a little more tricky. ... View more

Re: Is there a better way to filter on multiple va...

by in Splunk Search
‎04-27-2015 01:54 AM
‎04-27-2015 01:54 AM
Thanks, it's right that I did not need CNT_OK, and could filter directly on MAX after stats! ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma given to
View All