Hello,
I m trying to get the hour per day which gets the most hits on my application over a month but having some issues to get the right data output.
I would like to get a table report which would have:
DAY1 HOURX MaxEventNumber
DAY2 HOURX MaxEventNumber
....
I tried the following queries but none of them work. I think I m missing something on splunk reporting concepts:
| timechart span=1h count as HourlyCount | timechart span=1d max(HourlyCount)
| stats count AS hit BY date_hour, date_mday | stats max(hit) BY date_hour, date_mday
| timechart span=1h count | convert timeformat="%D" ctime(_time) AS c_time | chart max(count) AS MaxPerDay by c_time | table MaxPerDay date_hour
Any help would be greatly appreciated,
Thanks,
EG
... View more