Splunk Search

How to get results for last seven days and also it follows below mentioned condition?

sxp5686
Explorer

The task is to get total no cases(any cases) for last seven days and display the result like below.
seven columns each belongs to days of the week and with total cases in each day.

Tags (2)
0 Karma

nickhills
Ultra Champion

Try something like this:

<your search which finds 'cases'> |chart count by date_wday |transpose header_field=date_wday|table monday tuesday wednesday thursday friday saturday sunday

and run over 7 days

If my comment helps, please give it a thumbs up!
0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...