Solved: Re: How to edit my "stats (count)" search to displ...

Abarny · ‎02-24-2017

Hi guys, i have a question about the function stats count (fields) by field | where xxx .

I want just the result of my stats count with an any number but i have a table with this function. Can you tell me how i can do for do that. Thanks.

| stats count(AA) by BB
| where BB!=200

Abarny · ‎02-24-2017

Thanks but I have an other question about the eval function. When i do that :

|bin span=1d _time
| stats count dc(_time) as days by date_wday
| eval Moyenne=(count)/(days)

I have a graphics with Moyenne count and days but if i want just display moyenne how i can remove count and days ?

Thanks for your answer.

Abarny · ‎02-24-2017

Thanks but I have an other question about the eval function. When i do that :

|bin span=1d _time
| stats count dc(_time) as days by date_wday
| eval Moyenne=(count)/(days)

I have a graphics with Moyenne count and days but if i want just display moyenne how i can remove count and days ?

Thanks for your answer.

nickhills · ‎02-24-2017

|bin span=1d _time
| stats count dc(_time) as days by date_wday
| eval Moyenne=(count)/(days)
|table Moyenne

If my comment helps, please give it a thumbs up!

Abarny · ‎02-24-2017

It's okay i have founded. I need to say | table date_wday Moyenne.

Thanks you

adayton20 · ‎02-24-2017

You could just add |table count(AA) at the end of your search

How to edit my "stats (count)" search to display a table?