×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
idofwasim
Explorer
Member since: ‎02-07-2022
‎03-09-2022
Community Statistics
Posts 4
Solutions 0
Karma Given 1
Karma Received 1
Member Since ‎02-07-2022
Activity Feed
View All

Re: How to export a result with stats count of err...

by in Splunk Search
‎02-12-2022 06:05 AM
1 Karma
‎02-12-2022 06:05 AM
1 Karma
@BahadirS  Thank you so much , it worked 🙂  ... View more

Re: result from subquery with different source typ...

by in Splunk Search
‎02-10-2022 07:38 AM
‎02-10-2022 07:38 AM
result source type id         model 100      aaa 101      bbb  node source type id         address            resultid 200      AAA    100 201      BBB    100 202      AAA    101 203      CCC    101  Error source type id         err_msg           nid 300      500 error         200 301      500 error         201 302      404 Error         202  If i run with stats count by nid err_msg then it give the count of err by node. but if i add model at the end of stats (stats count by nid model  err_msg) it returns blank ... View more

Re: result from subquery with different source typ...

by in Splunk Search
‎02-10-2022 03:39 AM
‎02-10-2022 03:39 AM
@ITWhisperer  Thanks for helping out. it almost works . I can see the stats count of err_msg and node . but when I add model, it doesnt show any results. any help.  ... View more

How to export a result with stats count of err_msg...

by in Splunk Search
‎02-09-2022 06:15 AM
‎02-09-2022 06:15 AM
I have 3 different sourcetype like Result , Node and error under same index. Result has id , model Node has address, id, resultid (which is key to id in result) Error  has err_msg, id, nid (which is key to id in Node) I want to export a result with stats count of err_msg by Node and model. I tried with joins and subquery with IN operator from other query but no luck.   index= index1 sourcetype = Node [ search  index= index1 sourcetype = Error  | stats count by err_msg ] | stats count by id,err_msg ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎03-09-2022 10:59 AM
Karma from
View All
Karma given to
View All