×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
moffitt
Engager
Member since: ‎06-06-2013
‎06-05-2020
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 1
Member Since ‎06-06-2013
View All

Re: Counting how often the mode() value occurs in ...

by in Splunk Search
‎08-15-2013 02:05 PM
‎08-15-2013 02:05 PM
This works very well. Thank you. ... View more

Counting how often the mode() value occurs in a re...

by in Splunk Search
‎08-15-2013 08:45 AM
1 Karma
‎08-15-2013 08:45 AM
1 Karma
I want to query my access logs to learn where the majority of my traffic is coming from in 1 second buckets. This is my query. sourcetype="access*" | timechart span=1s values(clientip) as ips, mode(clientip) as mode, count(mode) as hits I get good data results for ips and mode. The first is a list of ip addresses and the second is the most frequent value in that list. The problem with this query is that hits is always zero. Can anyone please tell me how I can count the number of times the mode value appears in the result set? ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma from
View All