## Splunk- Transforming CommandsThe search must transform the event data into statistical data tables to create visualizations of the charts. These statistical tables are required for visualization of charts and other kinds of data. In this section, we will explain how to use It will provide a piece of brief information on transforming commands and searches for more information about transforming commands and their role in creating statistical tables and chart visualizations. ## TransformingA If used to measure column totals (not row totals), transforming commands include a map, timecart, details, top, uncommon, and addtotals. Our search must transform the event data into statistical data tables to create visualizations of the charts. These statistical tables are needed for visualization of charts and other kinds of data. Here we will learn how to use the transform commands to extract data from events. This Splunk tutorial explains the major transforming command categories and offers examples of how they can be used in a search. ## Transforming commandsThe primary transforming commands are: - charts: Build charts that can show any data series you wish to plot. On the chart's x-axis, you can determine which field is tracked.
- timechart: Used to create reports about "trend over time," which means that time is always the x-axis.
- top: Generates charts that show the most common field values.
- rare: Create charts that display the least common field values.
- stats: Produces a report displaying summary statistics.
## Note: We always place our transforming commands after our search commands, linking them to a pipe operator.The commands - count, distinct count
- mean, median, mode
- min, max, range, percentiles
- standard deviation, variance
- sum
- the first occurrence, last occurrence
Some statistical functions only work with the ## Note: All searches create different data structures with transforming commands. The different chart forms allow these data structures to be set up in particular ways. For example, not all searches will enable us to generate bar, column, line, and area charts. They are automatically chosen as per the need of the data. The charts are selected in which it can be best represented.We can use real-time search to measure metrics on large incoming data flows in real-time, without using summary indexing. However, our report on a live and continuous data stream will update the timeline as the events come in, and we can only display the table or map in preview mode. Certain search commands will also be more applicable for real-time use. ## HighlightThis command is used to highlight particular words in the result set of searches. It is used by providing a highlight feature with the search terms as arguments. Separating them with a comma provides several search words. In the example below, we look at the result set for terms, ## NOTE |