Splunk transaction time query

7/3/2023

The table below lists all of the search commands in alphabetical order. There is a short description of the command and links to related commands.

- Puts search results into a summary index. See also, Statistical and charting functions.
- Anomalies, anomalousvalue, cluster, kmeans, outlier
- Finds how many times field1 and field2 values occurred together.
- Returns results in a tabular output for charting.
- Replaces a field value with higher-level grouping, such as replacing filenames with directories.
- Puts continuous numerical values into discrete sets.
- Sets up data for calculating the moving average.
- Accum, autoregress, delta, trendline, streamstats
- Returns audit trail information that is stored in the local audit index.
- Keeps a running total of the specified numeric field.
- Autoregress, delta, trendline, streamstats
- Computes an event that contains the sum of all numeric fields for previous events.
- Adds fields that contain common information about the current search.
- Computes the sum of all numeric fields for each result.
- Analyzes numerical fields for their ability to predict another discrete field.
- Computes an "unexpectedness" score for an event.
- Finds and summarizes irregular, or uncommon, search results.
- Analyzefields, anomalies, cluster, kmeans, outlier
- Appends subsearch results to current results.
- Appendcols, appendcsv, appendlookup, join, set
- Appends the fields of the subsearch results to current results, first result to first result, second to second, etc.
- Appends the result of the subpipeline applied to the current result set to results.
- Finds association rules between field values.
- Produces a summary of each search result.