Splunk

sort

| sort _time desc

see: sort - Splunk Documentation

stats

| stats count by status

chart

| chart stats count by status, host

timechart

| timechart count

see: Search commands > stats, chart, and timechart | Splunk

table

Returns a table that is formed by only the fields that are specified in the arguments.

| table _time, event

Remove duplicates

Both dedup and uniq works as a filter on the search results to remove any search result that is an exact duplicate. dudup however only looks at fields specified.

dedup

| dedup field1

uniq

| uniq

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

splunk.md

splunk.md

Splunk

sort

stats

chart

timechart

table

Remove duplicates

dedup

uniq

Files

splunk.md

Latest commit

History

splunk.md

File metadata and controls

Splunk

sort

stats

chart

timechart

table

Remove duplicates

dedup

uniq