I have a Splunk Query that is returning data, similar to:
ComputerName NumVulns
Computer1 10
Computer2 0
Computer3 27
Computer4 0
Computer5 100
And I would like to convert that output to a count of machines where NumVulns is 0 or NumVulns is greater than 0. Something like:
ComputerWithVulns - 3
ComputerWithoutVulns - 2
Ultimately I want to put this into a pie chart, but I am new to Splunk and not sure how to proceed. I've read up on eval and count but so far none of my attempts have been successful.
Thanks!
Figured it out myself:
|stats count(eval(NumVulns==0)) AS ComputerWithVulns count(eval(NumVulns>0)) AS ComputerWithoutVulns | transpose
Thanks!
Figured it out myself:
|stats count(eval(NumVulns==0)) AS ComputerWithVulns count(eval(NumVulns>0)) AS ComputerWithoutVulns | transpose
Thanks!
Figured it out myself.
|stats count(eval(NumVulns==0)) AS ComputerWithVulns count(eval(NumVulns>0)) AS ComputerWithoutVulns | transpose
Thanks!
Great! You may consider converting this comment to an answer and accepting it so that others may find the answer more easily.