cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
ag_yeck
Explorer
Member since: ‎03-06-2023
‎03-08-2023
Community Statistics
Posts 3
Solutions 0
Karma Given 2
Karma Received 0
Member Since ‎03-06-2023
Activity Feed
Topics I've Started
View All

Re: Combine data from same field

by in Splunk Search
‎03-07-2023 09:47 AM
‎03-07-2023 09:47 AM
@yuanliu  I like the idea of just using semantics to solve, but this did not change the visualization. Maybe I need to use "rootpath" on the "timechart" line? ... View more

Re: Combine data from same field

by in Splunk Search
‎03-07-2023 09:45 AM
‎03-07-2023 09:45 AM
Thank you @yeahnah , that worked! I am a Splunk noob so having the explanation after the solution is very helpful. ... View more

How to combine data from same field?

by in Splunk Search
‎03-06-2023 05:08 PM
‎03-06-2023 05:08 PM
I am looking to chart a field that contains a request path but want to display and get a total count of all events that contain the root request path(a) and events that contain the root + <some guid>/contents.(b) The path is a field I manually extracted called "request_path_in_request" Example of the path I want to combine in the cart: (a)path=/v4/layers/asPlanted (b)path=/v4/layers/asPlanted<some guid>/contents Here is my Splunk query so far: source="partners-api-ol" request_path_in_request="/v*" | timechart count by request_path_in_request useother=f limit=10 And here is how that field is getting charted: Is there a way to show only category of "/v4/layers/asPlanted" , but have the count be the total of all the events with that root path? ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎03-08-2023 03:16 PM
Karma given to
View All