12/25/2022 0 Comments Splunk stats![]() Default: 10 latfield Syntax: latfield= Description: Specify a field from the pre-search that represents the latitude coordinates to use in your analysis. When you set locallimit= N, the top N values are filtered based on the sum of each series. Default: 10 locallimit Syntax: locallimit= Description: Specifies the limit for series filtering. Currently the grouping into "OTHER" only works intuitively for count and additive statistics. Setting globallimit=0 removes all limits and all categories are rendered. There is one additional category called "OTHER" under which all other split-by values are grouped. globallimit Syntax: globallimit= Description: Controls the number of named categories to add to each pie chart. by-clause Syntax: BY Description: The name of the field to group by. If the default values for binspanlat and binspanlong are used, a grid size of 8x8 is generated. If you set binspanlong lower than 33, the visualizations on the map might not render. binspanlong Syntax: binspanlong= Description: The size of the bins in longitude degrees at the lowest zoom level. If you set binspanlat lower than the default value, the visualizations on the map might not render. Optional arguments binspanlat Syntax: binspanlat= Description: The size of the bins in latitude degrees at the lowest zoom level. ![]() For more information on eval expressions, see Types of eval expressions in the Search Manual. You can use wild card characters in field names. Use the AS clause to place the result into a new field with a name that you specify. The function can be applied to an eval expression, or to a field or set of fields. Required arguments stats-agg-term Syntax: ( | ) Description: A statistical aggregation function. At each level of zoom, the number of bins is doubled in both dimensions for a total of 4 times as many bins for each zoom in. The initial granularity is selected by the binspanlat and the binspanlong. The quantity of zoom levels is controlled by the binspanlat, binspanlong, and maxzoomlevel options. The statistics can be grouped or split by fields using a BY clause.įor map rendering and zooming efficiency, the geostats command generates clustered statistics at a variety of zoom levels in one search, the visualization selecting among them. Statistics are then evaluated on the generated clusters. ![]() The events are clustered based on latitude and longitude fields in the events. The command generates statistics which are clustered into geographical bins to be rendered on a world map. ![]() Use the geostats command to generate statistics to display geographic data and summarize the data on maps. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |