https://community.splunk.com/t5/Splunk-Search/Extracting-Plotting-Splunk-data/m-p/75397#M19057 <P>Assume we have a log file with at least the following fields</P> <PRE><CODE> timestamp field A field B field C ..... ex: 1316018215 u1 105 a 1316018215 u2 30 a 1316018215 u3 550 c 1316018215 u2 21 a 1316018215 u1 65 b 1316018215 u3 105 a 1316018215 u2 34 b 1316018215 u1 105 c </CODE></PRE> <P>The question: I would like to ask the following questions of this data</P> <PRE><CODE>1. Plot for me a graph of Unique C vs. (sum of B for each unique C ) 2. Plot for me a graph of Unique C vs. (sum of B for each unique C div count of occurrences). </CODE></PRE> Wed, 14 Sep 2011 17:05:11 GMT netwrkr 2011-09-14T17:05:11Z https://community.splunk.com/t5/Splunk-Search/Extracting-Plotting-Splunk-data/m-p/75397#M19057 <P>Assume we have a log file with at least the following fields</P> <PRE><CODE> timestamp field A field B field C ..... ex: 1316018215 u1 105 a 1316018215 u2 30 a 1316018215 u3 550 c 1316018215 u2 21 a 1316018215 u1 65 b 1316018215 u3 105 a 1316018215 u2 34 b 1316018215 u1 105 c </CODE></PRE> <P>The question: I would like to ask the following questions of this data</P> <PRE><CODE>1. Plot for me a graph of Unique C vs. (sum of B for each unique C ) 2. Plot for me a graph of Unique C vs. (sum of B for each unique C div count of occurrences). </CODE></PRE> Wed, 14 Sep 2011 17:05:11 GMT https://community.splunk.com/t5/Splunk-Search/Extracting-Plotting-Splunk-data/m-p/75397#M19057 netwrkr 2011-09-14T17:05:11Z https://community.splunk.com/t5/Splunk-Search/Extracting-Plotting-Splunk-data/m-p/75398#M19058 <P>#1:</P> <PRE><CODE>&lt;yourbasesearch&gt; | stats sum(B) by C </CODE></PRE> <P>#2:</P> <PRE><CODE>&lt;yourbasesearch&gt; | stats avg(B) by C </CODE></PRE> Wed, 14 Sep 2011 17:28:49 GMT https://community.splunk.com/t5/Splunk-Search/Extracting-Plotting-Splunk-data/m-p/75398#M19058 Ayn 2011-09-14T17:28:49Z