I am using a DB query to get stats count of some data from 'ISSUE' column. This column also has a lot of entries which has no value in it.
something like,
Event log alert
Skipped count
how do i get the NULL value (which is in between the two entries also as part of the stats count. Is there any way?
In your search use the fillnull command and assign a value to that field when it is null, then count that value for the field.
search issue="*" | fillnull value=null issue | stats count by issue
View solution in original post
Is there a way to rename the NULL to display something else?
awesome, that fixed it 🙂 thanks a lot.
