The partitions argument runs the reduce step (in parallel reduce processing) with multiple threads in the same search process on the same machine. Default: a single space partitions Syntax: partitions= Description: Partitions the input data based on the split-by fields for multithreaded reduce. Default: false delim Syntax: delim= Description: Specifies how the values in the list() or values() aggregation are delimited. dedup_splitvals Syntax: dedup_splitvals= Description: Specifies whether to remove duplicate values in multivalued BY clause fields. If no BY clause is specified, the stats command returns only one row, which is the aggregation over the entire incoming result set. The BY clause returns one row for each distinct value in the BY clause fields. You cannot use a wildcard character to specify multiple fields with similar names. Default: false by-clause Syntax: BY Description: The name of one or more fields to group by. Optional arguments allnum Syntax: allnum= Description: If true, computes numerical statistics on each field if and only if all of the values of that field are numerical. You can use wild card characters in the field name. Use the AS clause to place the result into a new field with a name that you specify.
sparkline-agg-term Syntax: Description: A sparkline aggregation function. For more information on eval expressions, see Types of eval expressions in the Search Manual. You can use wild card characters in field names. The function can be applied to an eval expression, or to a field or set of fields. ) Required arguments stats-agg-term Syntax: ( | ) Description: A statistical aggregation function.
0 kommentar(er)
