All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Problem with MLTK fit command and map command

splunker2
Engager
‎04-22-2021 08:39 AM

Hello!

I have a huge problem with map command, I tried to us an ACF (autocorrelation function) for more than 1 field. The main point is that I can not pass the field name using map command. Let me show you an example:

source="datos.csv"
| table Logging_ERROR, User_ERROR | transpose | table column | rename column as col | map [search source="datos.csv" |table "$col$" | fit ACF "Logging_ERROR" k=1440 fft=false conf_interval=90 ] maxsearches=2000000 (NOT WORK)

source="datos.csv"
| table Logging_ERROR, User_ERROR | transpose | table column | rename column as col | map [search source="datos.csv" |table "$col$" | fit ACF "$col$" k=1440 fft=false conf_interval=90 ] maxsearches=2000000 (WORK)

The error shown is: Error in 'fit' command: Error while fitting "ACF" model: No valid fields to fit or apply model to.

 

I don't want to write manually using append because I have a lot of them, I just tried to work with 2 fields in order to check if is it working.

Anyone knows what is it happening? Is it an error? Is it possible to solve it?

Labels (3)
Tags (3)
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Answers Content Calendar, July Edition I

Hello Community! Welcome to another month of Community Content Calendar series! For the month of July, we will ...

Secure Your Future: Mastering Upgrade Readiness for Splunk 10

Spotlight: The Splunk Health Assistant Add-On  The Splunk Health Assistant Add-On is your ultimate companion ...

Observability Unlocked: Kubernetes & Cloud Monitoring with Splunk IM

Ready to master Kubernetes and cloud monitoring like the pros? Join Splunk’s Growth Engineering team on ...