Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Splunk 7 Essentials, Third Edition Demystify machine data by leveraging datasets, building reports, and sharing powerful insights

Product type Paperback

Published in Mar 2018

Publisher Packt

ISBN-13 9781788839112

Length 220 pages

Edition 3rd Edition

Languages

C++

Tools

Splunk

Concepts

Operational Intelligence

Authors (4):

Erickson Delgado

Steven Koelpin

J-P Contreras

Betsy Page Sigman

View More author details

Table of Contents (10) Chapters

Preface

1. Splunk – Getting Started

2. Bringing in Data FREE CHAPTER

3. Search Processing Language

4. Reporting, Alerts, and Search Optimization

5. Dynamic Dashboarding

6. Data Models and Pivot

7. HTTP Event Collector

8. Best Practices and Advanced Queries

9. Taking Splunk to the Organization

Search command – stats

A common use of the stats command is to count events. To see how this works, run the following search query. The SPL will return a single number representing the count of all events in the last 30 minutes. Notice that the pipe that precedes the stats command filters the data that will be included in the final count:

SPL> index=main earliest=-30m latest=now | stats count

Change the time modifier and the number should be reduced:

SPL> index=main earliest=-15m latest=now | stats count

You may be wondering where the count came from. The true format of a stats command is stats function(X). This asks the system to return the result of the function based on the field X. When the count function is used without parentheses, Splunk assumes that you are looking for the count of all events in the given search.

The stats command becomes a very powerful...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (4)

J-P Contreras

J-P Contreras, a Splunk-certified administrator and sales engineer, has delivered value-oriented data analytics and performance planning solutions for 20+ years. He has built award-winning consulting teams to help companies turn data into analytical insights. He helps companies implement Splunk and enjoys everything the Splunk community offers. He received his MBA in e-commerce from DePaul University's Kellstadt Graduate School of Business, Chicago, in 2001. He trains in DePaul's Continuing Education Program and is a member of DePaul's Driehaus School of Business Advisory Board. He'd like to thank his family, especially his wife and children, and close friends for making life so enjoyable.

See other products by J-P Contreras

Steven Koelpin

See other products by Steven Koelpin

Erickson Delgado

Erickson Delgado is an enterprise architect who loves to mine and analyze data. He began using Splunk in version 4.0 and has pioneered its use into his current work. He has worked with start-up companies in the Philippines to help build their open source infrastructure. He has developed applications with Python and node.js and is interested in Go and recovering programming with C/C++. In the recent years, he engaged himself in employing DevOps in his work. He blows off steam by saltwater fishing, mountain biking, crafting robots, and touring the country. He lives in Orlando.

See other products by Erickson Delgado

Betsy Page Sigman

Betsy Page Sigman is a distinguished professor at the McDonough School of Business at Georgetown University in Washington, D.C. She has taught courses in statistics, project management, databases, and electronic commerce for the last 16 years, and has been recognized with awards for teaching and service. She has also worked at George Mason University in the past. Her recent publications include a Harvard Business case study and a Harvard Business review article. Additionally, she is a frequent media commentator on technological issues and big data.

See other products by Betsy Page Sigman