cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
joniba
Engager
Member since: ‎09-05-2023
‎09-06-2023
Community Statistics
Posts 2
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎09-05-2023
Activity Feed
View All

Re: Why is tstats not working on docker image data...

by in Splunk Search
‎09-06-2023 03:25 AM
‎09-06-2023 03:25 AM
Hey @PickleRick , I went into the settings for the dataset and enabled acceleration (via Edit Acceleration). Also the dataset shows up as accelerated in the list of datasets. Shouldn't that have resolved the issue? Also, why do you say it's irrelevant on a docker image? Is it not supposed to work on docker?   Do you know of any documentation describing this? ... View more

Why is tstats not working on docker image datasets...

by in Splunk Search
‎09-05-2023 06:57 AM
‎09-05-2023 06:57 AM
I'm totally and utterly new to splunk. Just ran the dockerhub sample, and followed the instructions: https://hub.docker.com/r/splunk/splunk/ I opened the search tab and most search commands seem to work fine.  For example, the following command:     | from datamodel:"internal_server.server" | stats count      Returns a count of 33350. While this command:     | tstats count from datamodel:"internal_server.server"     as well as this one:     | tstats count     both return zero. How can I get tstats working in this docker env with the sample datasets? ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎09-06-2023 07:02 PM
Karma given to
View All