This section discusses how to calculate summary statistics on events. When you think about calculating statistics with Splunk's search processing language (SPL), the stats command is probably what comes to mind first. The stats command generates reports that display summary statistics in a tabular format. Additionally, you can use the chart and timechart commands to create charted visualizations for summary statistics and the geostats command to create map visualizations for summary statistics of events that include geographical location fields.

The stats, chart, and timechart commands (and their related commands eventstats, geostats and streamstats) are designed to work in conjunction with statistical functions. For examples of searches using these commands and functions, read "Use the stats command and functions".

Later topics discuss how to:

• "Use stats with eval expressions and functions" to calculate statistics.
• "Add sparklines to report tables".