Solved: How to calculate a percentage in a timechart table...

jip31 · ‎04-04-2022

hello

I timechart a lot of search in a table and it works perfectly

here is the result

But for the piece of code below I try to find a solution in order to be able to calculate a percentage between sign and eue2 and to timechart the results like above instead having a separate result for sign field and for eue2 result

| appendcols 
    [ search index=toto
    | timechart span=1h dc(sign) as sign  ] 
| append 
    [ search index=toto  
    | timechart span=1h dc(eue2) as eue2]

I need something like this :

| eval perc=(sign/eueu2) | timechart values(p) span=1h

could you help please?

ITWhisperer · ‎04-04-2022

| transpose 0 header_field=KPI column_name=KPI
| eval percentage=round(100*sign/eue2,2)
| transpose 0 header_field=KPI column_name=KPI

View solution in original post

ITWhisperer · ‎04-04-2022

| transpose 0 header_field=KPI column_name=KPI
| eval percentage=round(100*sign/eue2,2)
| transpose 0 header_field=KPI column_name=KPI

jip31 · ‎04-04-2022

oh thanks

How to calculate a percentage in a timechart table?

other

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!