Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Dashboards & Visualizations
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Dashboards & Visualizations
- :
- Average page views at a user level for a given pag...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
tmtcollins
Explorer
03-06-2020
08:14 AM
I have a table:
PageID, UserName, Date, count of hits to that page,
I would like to find the average daily page hits, per article at a UserID level. (for the top 100 most frequently viewed pages)
So for example,
Person xyz, on average views page x, n number of times per day over the last week.
This is the start of the query...
... | bucket span=1d _time| stats count by PageID, UserName , _time | sort - count |head 100
Any help much appreciated.
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
woodcock
Esteemed Legend
03-06-2020
11:54 AM
Try this:
... | bucket span=1d _time
| stats count BY PageID, UserName , _time
| rename COMMENT AS "Calculate and keep the 100 most popular pages"
| eventstats sum(count) AS grandTotal BY PageID
| sort 0 - grandTotal
| streamstats dc(PageID) AS PageRank
| search PageRank <= 100
| rename COMMENT AS "Find avg daily hits per PageID per UserID"
| stats avg(count) AS DailyPageHits BY PageID UserID
Or, more simply this:
... | bin _time span=1h
| top limit=100 PageID BY UserID _time
| stats avg(count) AS DailyPageHits BY PageID UserID
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
woodcock
Esteemed Legend
03-06-2020
11:54 AM
Try this:
... | bucket span=1d _time
| stats count BY PageID, UserName , _time
| rename COMMENT AS "Calculate and keep the 100 most popular pages"
| eventstats sum(count) AS grandTotal BY PageID
| sort 0 - grandTotal
| streamstats dc(PageID) AS PageRank
| search PageRank <= 100
| rename COMMENT AS "Find avg daily hits per PageID per UserID"
| stats avg(count) AS DailyPageHits BY PageID UserID
Or, more simply this:
... | bin _time span=1h
| top limit=100 PageID BY UserID _time
| stats avg(count) AS DailyPageHits BY PageID UserID
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
tmtcollins
Explorer
03-13-2020
10:58 AM
Amazing thank you sir.
Get Updates on the Splunk Community!
Modernize your Splunk Apps – Introducing Python 3.13 in Splunk
We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...
New Release | Splunk Cloud Platform 10.1.2507
Hello Splunk Community!We are thrilled to announce the General Availability of Splunk Cloud Platform 10.1.2507 ...
🌟 From Audit Chaos to Clarity: Welcoming Audit Trail v2
🗣 You Spoke, We Listened
Audit Trail v2 wasn’t written in isolation—it was shaped by your voices.
In ...
