This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

DQL function replacing splunk command stats list

susmita_k
Organizer

‎31 Jul 2025 08:17 PM

is there a DQL Command/function available which can replace the stats list command in splunk ? Thanks in advance

Labels:
Reply
1 REPLY 1

angelalanis
Dynatrace Promoter
Dynatrace Promoter

‎01 Aug 2025 06:39 PM

Hi, the stats command in Splunk is an aggregation command, in Dynatrace with DQL there are 3 aggregation commands.

 

Looking at this example in the Splunk documentation, I think something similar can be made using the summarize command with DQL.

I tried making this example in a Notebook, here are the results.

fetch logs
| filter matchesPhrase(content, "long transaction")
| parse content, """LD 'type ['LD:type']'"""
| parse content, """LD 'duration ['INT:duration']'"""
| summarize {count(), sum(duration), avg(duration), max(duration), min(duration)}, by:{type}

angelalanis_1-1754070014813.png

Let me know if you find this useful.

Reply
Ask a question

Featured Posts