Documentation > Splunk > Search Reference > analyzefields

Search Reference

 


Welcome
Search Overview
Search Commands
Custom Search Commands

analyzefields

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.

Contents

analyzefields

Synopsis

Analyzes numerical fields for their ability to predict another discrete field.

Syntax

af | analyzefields classfield=field

Arguments

classfield
Datatype: <field>
Description: For best results, classfield should have 2 distinct values, although multi-class analysis is possible.


Description

Using field as a discrete random variable, analyze all *numerical* fields to determine the ability for each of those fields to predict the value of the classfield. For best results, classfield should have 2 distinct values, although multi-class analysis is possible.

Examples

Example 1: Analyze the numerical fields to predict the value of "is_activated".

... | af classfield=is_activated


See also

anomalousvalue

Retrieved from "http://docs.splunk.com/Documentation/Splunk/4.0.4/SearchReference/Af"

This documentation applies to the following versions of Splunk: 4.0 , 4.0.1 , 4.0.2 , 4.0.3 , 4.0.4 , 4.0.5 , 4.0.6 , 4.0.7 , 4.0.8 , 4.0.9 , 4.0.10 , 4.0.11 View the Article History for its revisions.


You must be logged into splunk.com in order to post comments. Log in now.

Was this documentation topic helpful?

If you'd like to hear back from us, please provide your email address:

We'd love to hear what you think about this topic or the documentation as a whole. Feedback you enter here will be delivered to the documentation team.

Feedback submitted, thanks!