Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Auto Group Result

yap
Explorer
‎02-21-2013 12:03 AM

Hi,

I would like to group my product based on weight.

Sample logs are:

Product ID | Weight

00368001a1 | 1.4kg

00368001d1 | 1.3kg

00368002a1 | 0.9kg

00368003a1 | 2.0kg

00368004a1 | 1.5kg

I need to set weight(+ or - between 0.5).
0.5 - 1.4kg as A and 1.5 - 2.4kg is group as B
Instead of manually defining as what I am currently doing:
| eval total_weight=case(weight<0.5,"A",weight<1.4,"B",weight<2.4,"C") | stats count by total_weight
Any help is greatly appreciated.

Tags (1)
0 Karma
Reply

martin_mueller
SplunkTrust
SplunkTrust
‎02-21-2013 01:27 AM

Bucket with a span of 1 would give you +/-0.5kg values, you just have to strip off the "kg" first to make it numerical. I'm not sure if you can do 0.5-1.5 groups though, it tends to create 0-1 buckets instead. If all else fails, shift your weights up by half a kilo 🙂

0 Karma
Reply

yap
Explorer
‎02-21-2013 01:35 AM

Thanks Martin

0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...