Fortytwo - Answer to the Ultimate Question of Life, the Universe, and Everything

User Tools

Site Tools

Trace: splunk-queries
splunk-queries

This is an old revision of the document!

Table of Contents

Splunk Queries

Count Events per Index

| tstats count WHERE index=* OR index=_* by index

List Indexes

| eventcount summarize=false index=* | dedup index | fields index

Events per Host / Index / Sourcetype

| tstats count as EVENTS_PER_HOST where index=* by index,sourcetype,host | table * | sort by index
,
splunk-queries.1706170621.txt.gz · Last modified: 2024/01/25 09:17 by baumi
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki