How to count the number of occurence of string in Splunk

0
votes

I am not able to find a Splunk query to count the number of occurences of a string across events.

My string is:

"\"IsFeedback\":true"

I tried this but it doesn't count the number of occurrences of the string across events:

host="HOST001" AND "\"IsFeedback\":true"

I want the occurrence of "\"IsFeedback\":true" across all events.

1
splunksplunk-query
Does it return an incorrect count? No results?freginold
@reginold : it returns me the same result as it does with out STATS COUNTS. I want to get the count of the string across all events, like a string count. In one event i have multiple count of the same string.Bhaskar Mishra

1 Answers

0
votes

Try this:

index=xxxx sourcetype=xxxx host="HOST001" "\"IsFeedback\":true" | stats count