Important Search Command in Splunk...

1. Erex - do not know the regular expression : index = "main" | erex monthday examples ="7/01"

2. Abstract - The original text replaced by the summary : index ="main"| abstract maxlines = 50
3. Typer - to get to know event type : index ="main" | typer 
4. Rename - rename the value as we want : index = "main" | rename Karthik as "Sharavan"
5. Anomalies - look for field values are unusual or unexpected.: index = "main" | anomalies by source
6. FillDown - replaces the null value using last non null values : index = "main" | filldown count
7. Acum - calculate running total | sourcetype=access_* status=200 categoryId=STRATEGY | chart count AS views by productId | accum views as TotalViews
8. AddTotals:arithmetic some of all numeric values : source="addtotalsData.csv" | chart sum(sales) BY products quarter

Comments

Post a Comment

Popular posts from this blog

General information about Netezza : Default Error details

General information about Netezza : Default Error details     There are around 140 default error details available in Netezza. For your reference please find below details. ERRORCODE ERRORTEXT 1 Operation failed 2 Interaction aborted 3 Statement aborted 4 Could not serialize - transaction aborted 5 Transaction no longer active 6 Out of memory 7 Incorrect data type 8 Illegal value 9 Internal: SPUs crosstalking 10 Internal pipe I/O failed 11 Cannot determine hostname 12 Rogue SPU trying to register 13 No such table exists 14 No such field exists in table 15 Table already exists 16 Plan already exists in plan dictionary 17 F...
Read more

Minus in Teradata?...

Minus : It will provide the result which one is not matching from both tables... Note: It will provide the not matching result from first select table only. Select Emp_No from Emp Minus Select Emp_no from Emp_Dep;
Read more