I took a look at that. I got this error:
Error in 'eval' command: The arguments to the 'searchmatch' function are invalid.
I changed the searchmatch() to only use 1 argument (per the Splunk docs):
eval type1=if(searchmatch("/regexpattern/") ,1,0)
Then I piped those out to stats sum(type1) as Type1Count
Then I did this for the rest of the patterns, and it seems to be working 🙂
So my final search (thanks to your help) is:
index=* | eval type1=if(searchmatch("/regexpattern/") ,1,0)| eval type2=if(searchmatch("/regexpattern/"),1,0) | eval type3=if(searchmatch("/regexpattern/"),1,0) | stats sum(type1) as Type1Count sum(type2) as Type2Count sum(type3) as Type3Count
Thank you!!!
... View more