×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
splunkuser1
Loves-to-Learn
Member since: ‎04-19-2023
‎04-20-2023
Community Statistics
Posts 4
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎04-19-2023
Activity Feed
View All

Re: Output

by in Splunk Search
‎04-20-2023 05:33 AM
‎04-20-2023 05:33 AM
Your query gave me almost the correct answer, but as I mentioned in the above table, the month name is not displayed in the answer ... View more

Re: Output

by in Splunk Search
‎04-20-2023 02:37 AM
‎04-20-2023 02:37 AM
Month Host Count 1 xyz 3 2 xyz 7 3 xyz 7 April xyz 17 4 abc 4 5 abc 6 6 abc 8 7 abc 3 April abc 21 ... View more

Re: Output

by in Splunk Search
‎04-19-2023 12:13 PM
‎04-19-2023 12:13 PM
index=_internal, |stats count by date_month, host| rename date_month AS Month ... View more

How can I create an output in such a way that colu...

by in Splunk Search
‎04-19-2023 08:35 AM
‎04-19-2023 08:35 AM
This question was asked in the interview. Index is splunk's _internal, fields are host and date_month. I want to create an output in such a way that columns will be "Month", "Host", "Count". In month column each row will represent each day of month, in host column name of the 1st host will appear for all days of that month and count in column count. After the last day of month, in month column I want to display month name, in host column name of the 2nd host for all the days of month and count. How to write SPL query for this? ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎04-20-2023 07:43 AM