Splunk Enterprise
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to find the duration in minutes between two events from _time ?

mihir_hardas
Explorer
‎05-19-2022 01:52 AM

How to find the duration in minutes between two events from _time ?

 
index=log-13120-nonprod-c laas_appId=qbmp.prediction* "pushed to greenplum for predictionId"
2022-05-19 03:37:30,108 jobRunStats INFO Current Predictions, total=1659262 pushed to greenplum for predictionId = fe387967-2f11-4358-8b27-c51a45042e79
2022-05-19 03:26:29,085 jobRunStats INFO Current Predictions, total=1659262 pushed to greenplum for predictionId = 473866d5-c7b1-4156-90a0-de978b260e8d
 
I simply want diff between the above two and then show a line graph of cycle time length in minutes.
So then output will be 
11mins
14mins
7 mins 

And then I want to plot a line graph that will tell me length of my cycle time 
 
I do not want to use transation
Labels (1)
Labels
Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

ITWhisperer
SplunkTrust
SplunkTrust
‎05-19-2022 02:34 AM

 

| sort 0 _time
| streamstats window=2 range(_time) as timediff
| eval timediffmins=timediff/60

 

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

ITWhisperer
SplunkTrust
SplunkTrust
‎05-19-2022 02:34 AM

 

| sort 0 _time
| streamstats window=2 range(_time) as timediff
| eval timediffmins=timediff/60

 

0 Karma
Reply
Solved! Jump to solution

mihir_hardas
Explorer
‎05-19-2022 10:57 PM

Yes this works ! Many thanks 

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...