Hi Splunkers,
I need help forming a Splunk query.
Requirement: Find the time difference (delta1, delta2, delta3, ...) between events by a specific field.
Example: User A eventcount = 5 [delta1, delta2, delta3, delta4]
User B eventcount = 3 [delta1, delta2]
Thanks for the help.
Regards,
Ankith