Solved: Re: Time taken to Resolve Incident

amitpanjawani · ‎10-19-2016

I need to calculate average time take to resolve different incidents in splunk. If anybody have query for same??

amitpanjawani · ‎07-22-2019

In the end, I have created a solution for it myself. https://splunkbase.splunk.com/app/4591/

amitpanjawani · ‎07-22-2019

In the end, I have created a solution for it myself. https://splunkbase.splunk.com/app/4591/

prashant_shriva · ‎11-19-2017

I have the same requirement.
I need to calculate the average time for all the notables to get resolved over a 30 day period.
Can anyone help me with the splunk query regarding same?

Regards
Prashant

chskm · ‎10-19-2016

Amit,

I couldn't get the question properly. Could you please explain in precise.

Saikrishna

amitpanjawani · ‎10-21-2016

We have different notable search and have alerts to trigger for same. I need to have query which shows when incident status changes to "in progress" and when to "resolve" and average ( consider for monthly ) time taken to resolve it.

Time taken to Resolve Incident

Using Machine Learning for Hunting Security Threats

Observability Newsletter Highlights | March 2023

Security Newsletter Updates | March 2023