Hi, I am a student and new to Splunk. I really need help creating a table like this:
The goal is to detect different users that authenticated using the same clientIP, different httpmethod, different status codes, and its equivalent sessionid. I used the query below, which yielded no results.
index=* sourcetype=* httpmethod=* httpstatus=*
| table clientip,httpmethod,statuscode,sessionid
| eval mv_field = clientip.",".httpmethod.",".statuscode.",".sessionid
| makemv delim="," mv_field
| table mv_field
| clientIP | HTTPMETHOD | STATUS CODE | SESSION |
|---|---|---|---|
| clientIP 1 | GET POST HEAD | 200s 400s 300s 500s | sessionid |
| clientIP 2 | POST | 400s 200s | sessionid |
| clientIP 3 | GET POST | 200S | sessionid |
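One way to build the per-IP table described in the post above, as an added example that is not part of the original post: it groups events by `clientip` with `stats values()` instead of concatenating fields, and keeps only IPs seen with more than one user. It assumes a `user` field exists (the post does not name one) and that the status field is called `statuscode` as in the post's `table` command; `distinct_users`, `users` and `status_class` are names made up for this example.

```spl
index=* sourcetype=* httpmethod=* statuscode=*
| eval status_class = substr(tostring(statuscode), 1, 1) . "00s"
| stats dc(user) AS distinct_users
        values(user) AS users
        values(httpmethod) AS httpmethod
        values(status_class) AS status_class
        values(sessionid) AS sessionid
        by clientip
| where distinct_users > 1
| table clientip users httpmethod status_class sessionid
```

`values()` returns each distinct value once as a multivalue field, so every client IP collapses to a single row with its methods, status classes and session IDs listed in their own columns.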