×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
jregexsaurus
Engager
Member since: ‎05-17-2021
‎07-01-2025
Community Statistics
Posts 2
Solutions 0
Karma Given 12
Karma Received 0
Member Since ‎05-17-2021
Activity Feed
View All

How to create a search that will show other fields...

by in Splunk Search
‎05-16-2022 11:35 AM
‎05-16-2022 11:35 AM
This search will display port numbers from the Endpoint datamodel | tstats 'summariesonly ' count from datamodel=EndPoint.Port.dest_port  I would like to create a search that will show other fields like dest_bunit with the port. Without the datamodel I could just do a stats count by dest port.  I'm not sure how to replicate this query using the datamodel.  ... View more
Labels

Use an eval statement to find a percentage

by in Splunk Search
‎05-18-2021 01:18 PM
‎05-18-2021 01:18 PM
index=proxy sourcetype=bar | stats count by blockedAction | addtotals fieldname=grandTotal | eval percentBlocked = round((blockedAction/grandTotal)*100,1) I'm trying to show the amount blocked as a percent of total traffic. BlockedAction is a field that was created. ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎07-01-2025 09:57 PM