From the course: Splunk Core Certified User (SPLK-1001) Cert Prep
Join today to access over 25,500 courses taught by industry experts.
Using the stats command - Splunk Tutorial
From the course: Splunk Core Certified User (SPLK-1001) Cert Prep
Using the stats command
As we've already said a few times, the STATS command is one of the most important transforming commands in Splunk. You can use the STATS command to perform statistical calculations on the data retrieved by your search. And when you use the STATS command, it is a requirement for you to use statistic functions so there are different statistics functions that can help you to do different things using the stats command. Here we are just going to see high-level those statistics functions but we're gonna go ahead in the following sections and we discuss in detail how those work with the stats command. The first one we're gonna see here is the count function so you can use the count function to count the number of events just as we've seen in the previous slide we're using count and then we're saying by client IP that's an example of how you can use the count function with a stats command. Now you can use the count function with or without an argument so if you just say count it's just gonna…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
-
-
(Locked)
Module overview1m 44s
-
(Locked)
Overview of transforming commands4m 12s
-
(Locked)
Using the stats command3m 18s
-
(Locked)
stats count function14m 26s
-
(Locked)
stats distinct_count function4m 14s
-
(Locked)
stats sum and avg functions15m 24s
-
(Locked)
stats list and values functions7m 58s
-
(Locked)
Combining functions11m 25s
-
(Locked)
Using the top command24m 24s
-
(Locked)
Using the rare command10m 22s
-
(Locked)
Formatting statistics tables17m 16s
-
(Locked)
Formatting visualizations12m
-
(Locked)
-
-
-