Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Average of Time Bucket Over Time

davidlapello
Engager
‎06-23-2020 01:58 PM

I want to create a dashboard that shows 2 things.  First, it will search over the last 60 minutes for total errors. 

sourcetype=blabla  error

And, it will look for average errors for the same time period over the past month.  For example, if the search is ran at 14:29, it will show the average errors for 13:30-14:29 for each day over the last month, preferably just weekdays.  

So, it will show a stats table with two results.  Total errors for the last 60 minutes, and average errors over that time period for the last month.

 

Thanks

Labels (1)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Updates (ESCU) - New Releases

In the last month, the Splunk Threat Research Team (STRT) has had 3 releases of new content via the Enterprise ...

Thought Leaders are Validating Your Hard Work and Training Rigor

As a Splunk enthusiast and member of the Splunk Community, you are one of thousands who recognize the value of ...

.conf23 Registration is Now Open!

Time to toss the .conf-etti 🎉 —  .conf23 registration is open!   Join us in Las Vegas July 17-20 for ...