product
service
- Simple Security Consulting [Consulting]
- Splunk SOAR Automation Assessment Service [Consulting]
- Dashboard/SPL Creation Pack [Implementation/Building Support]
- Version upgrade service [implementation and construction support]
- Splunk Premium Apps construction support service [implementation and construction support]
- Splunk Security Log Analysis Start Package [Original App/Service]
- Splunk × CrowdStrike Falcon Insight, Macnica Original App [Original App/Service]
- Government uniform standard compatible App [Original App/Service]
- Smart Security Monitoring App [Original App/Service]
- Splunk × LANSCOPE Original App [Original App/Service]
- Security Monitoring App for Box [Original App/Service]
- Cloud Security Monitoring App [Original App/Service]
- SIEM Operation Monitoring Service [Original App/Service]
- List of services
- Macnica Premium Support for Splunk (utilization support, version upgrade monitoring)
- Macnica Premium Support for Splunk Skill Up Package
Specifications/Technical Information
Application for evaluation machine
- FAQ
How to change the order of columns in statistics
- release date
- 2017.12.06
- last updated
- 2017.12.06
- version
- Splunk Enterprise 6.6.2
- Overview
- How to change the order of columns in statistics
- Reference information
- content
-
About output results of statistical information
When analyzing statistics with Spluk, the order of columns in the output results depends on the command.
Use the table command to sort by any column
About the table command
The table command sorts the columns according to the field name given as an argument.
Command example:
In the above case, replace the columns in order of field1, field2, field3.
For example, if you run a command like:
Command example:
sourcetype=access_combined_wcookie
| stats count sum(bytes) as size by clientip,actionThe result of execution is as follows.
Suppose that the table command is used as follows for the above result.
Command example
sourcetype=access_combined_wcookie
| stats count sum(bytes) as size by clientip,action
| table clientip,size,action,countThe result of execution is as follows.
that's all
In charge of Macnica Splunk Co., Ltd.
- TEL:045-476-2010
- E-mail:splunk-sales@macnica.co.jp
Mon-Fri 8:45-17:30