Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Average of Time Bucket Over Time

davidlapello
Engager
‎06-23-2020 01:58 PM

I want to create a dashboard that shows 2 things.  First, it will search over the last 60 minutes for total errors. 

sourcetype=blabla  error

And, it will look for average errors for the same time period over the past month.  For example, if the search is ran at 14:29, it will show the average errors for 13:30-14:29 for each day over the last month, preferably just weekdays.  

So, it will show a stats table with two results.  Total errors for the last 60 minutes, and average errors over that time period for the last month.

 

Thanks

Labels (1)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Data Preparation Made Easy: SPL2 for Edge Processor

By now, you may have heard the exciting news that Edge Processor, the easy-to-use Splunk data preparation tool ...

Introducing Edge Processor: Next Gen Data Transformation

We get it - not only can it take a lot of time, money and resources to get data into Splunk, but it also takes ...

Tips & Tricks When Using Ingest Actions

Tune in to learn about:Large scale architecture when using Ingest ActionsRegEx performance considerations ...