Need help with the following code:
index=corp_security_tanium splunk_server=phx11* sourcetype=ABC
| eval time=strptime(Last_Found_Date,"%Y-%m-%d")
| eval _time=time
| bucket span=w@w1 _time
| stats values(ABC) by ABC _time
| timechart span=w@w1 count(ABC) as "Accumulated count"
Time filter : Last 7 days
basically it should show the current no. and what the difference between last week and today
Thanks