×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
micave
New Member
Member since: ‎01-18-2017
‎06-05-2020
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎01-18-2017
Activity Feed
View All

Re: How to edit my search to get the total count o...

by in Splunk Search
‎01-20-2017 12:48 PM
‎01-20-2017 12:48 PM
Tried the other solution first and it worked for me. Interested in also trying this. Thanks! ... View more

How to edit my search to get the total count of tw...

by in Splunk Search
‎01-18-2017 08:18 AM
‎01-18-2017 08:18 AM
I have two indexes that I need to search. For the first index, I need to count the total from a certain field however I need to dedup this field first. I have the same dilemma with the second index. I need to count the total but have to dedup as well. For example: index=MyIndex1 OR index=MyIndex2 | dedup MyIndex1Field | dedup MyIndex2Field | stats count MyIndexField1 as Total1, count MyIndexField2 as Total2 | eval CalcField=(Total1/Total2) There are some commands I will pipe in once I get this solved but for now just trying to figure this out. I keep getting issues when I dedup one or the other so the goal is to dedup both. Any help would be appreciated. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM