Documentation > Splunk > Search Reference > sitop

Search Reference

 


Introduction
Search Overview
Search Reference Overview
Search Commands and Functions
Search Command Reference
Custom Search Commands
Internal Search Commands
Search in the CLI

sitop

Contents

sitop

Synopsis

Summary indexing friendly versions of top command.

Syntax

sitop top_syntax

Arguments

Refer to the top command syntax.

Description

Summary indexing friendly versions of top command, using the same syntax. Does not require explicitly knowing what statistics are necessary to store to the summary index in order to generate a report.

Does require the top command used to process this data have the exact same arguments as were used with the sitop command to generate the data.

Examples

Example 1: Compute the necessary information to later do 'top foo bar' on summary indexed results.

... | sitop foo bar

See also

collect, overlap, sichart, sirare, sistats, sitimechart

Answers

Have questions? Visit Splunk Answers and see what questions and answers the Splunk community has using the sitop command.

Retrieved from "http://docs.splunk.com/Documentation/Splunk/4.2.3/SearchReference/Sitop"

This documentation applies to the following versions of Splunk: 4.1 , 4.1.1 , 4.1.2 , 4.1.3 , 4.1.4 , 4.1.5 , 4.1.6 , 4.1.7 , 4.1.8 , 4.2 , 4.2.1 , 4.2.2 , 4.2.3 , 4.2.4 , 4.2.5 , 4.3 , 4.3.1 , 4.3.2 , 4.3.3 , 4.3.4 , 4.3.5 , 4.3.6 , 5.0 , 5.0.1 , 5.0.2 View the Article History for its revisions.


You must be logged into splunk.com in order to post comments. Log in now.

Was this documentation topic helpful?

If you'd like to hear back from us, please provide your email address:

We'd love to hear what you think about this topic or the documentation as a whole. Feedback you enter here will be delivered to the documentation team.

Feedback submitted, thanks!