hey all,
Currently, i'm working on an SPL in Splunk to create a dashboard based on a specific time fields.
We have a table with 4 date columns of interest, let's say their names like that : X, Y, Z, W... some of the values at each column can be null or in this format YYYY-MM-DD.
For each unique month of each column, we need to aggregate the number of X records, Y records. Z records and W records
For example if we have the following data sample:
We need to have a report like that ...
At November ==> number of X records: 1 , number of Y records: 1, number of Z records: 0 , number of W records: 0
At December ==> number of X records: 0, number of Y records: 1, number of Z records: 1 , number of W records: 1
... View more