×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
coric
Engager
Member since: ‎03-10-2021
‎10-01-2021
Community Statistics
Posts 3
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎03-10-2021
Activity Feed
View All

Re: Search Help combine with Dashboard

by in Dashboards & Visualizations
‎10-02-2021 02:25 AM
‎10-02-2021 02:25 AM
@coric  You can try the below thing to handle this. It will give the latest value of Attack_type for given ip_adddress. | stats first(Attack_Type) count as Count by ip_address  If you are using tstats command and Data model, then you can also go for the below thing: | tstats summariseonly=<keep_it_configurable> latest(<data_model>.Attack_type) from datamodel=<> by <data_model>.ip_address  If you find my solution fruitful, then an upvote would be appreciated. ... View more

Re: Make a Alert across 2 Fields

by in Alerting
‎03-10-2021 06:54 AM
‎03-10-2021 06:54 AM
Perfect, that should work perfectly, il let you know! ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎10-01-2021 12:56 PM
Karma given to
View All