This is “Learn Splunk Lab” first question.
I try 258.171 / 258171 but it doesn’t work. In this image I’ve filtered to HTTP/1.1 for the see all web requests. How isn’t true?
Mistake is in the filter or anything…?
Edited: Problem solved! 
You applied a time filter as during Thu, Dec 7, 2023. Why did you apply a time filter in the Splunk search? If you select the “All time” option, it will display all requests. Since all these logs are access log entries, they are all web requests, so there’s no need to filter by HTTP/1.1.
Thanks for the reply but same result 
I’ve do all time filter and delete HTTP filter. It’s show me 258,173 event but not the answer
It is showing a value higher than the expected result. After verifying the answer by checking newline count of the log file, you can check what might be going wrong within Splunk
@dayandnight please help.
Have you been able to solve the challenge?
Yeap, solved. Thanks for attention…
Merhabalar, bu soruda bende takıldım siz nasıl çözüm buldunuz ? Yardımcı olabilir misiniz ?
Benim bulduğum değer " 221,210 events " şeklinde
sadece sayı olarak yazmınz gerekiyor
Çok teşekkür ederim 
