Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Auto Group Result

yap
Explorer
‎02-21-2013 12:03 AM

Hi,

I would like to group my product based on weight.

Sample logs are:

Product ID | Weight

00368001a1 | 1.4kg

00368001d1 | 1.3kg

00368002a1 | 0.9kg

00368003a1 | 2.0kg

00368004a1 | 1.5kg

I need to set weight(+ or - between 0.5).
0.5 - 1.4kg as A and 1.5 - 2.4kg is group as B
Instead of manually defining as what I am currently doing:
| eval total_weight=case(weight<0.5,"A",weight<1.4,"B",weight<2.4,"C") | stats count by total_weight
Any help is greatly appreciated.

Tags (1)
0 Karma
Reply

martin_mueller
SplunkTrust
SplunkTrust
‎02-21-2013 01:27 AM

Bucket with a span of 1 would give you +/-0.5kg values, you just have to strip off the "kg" first to make it numerical. I'm not sure if you can do 0.5-1.5 groups though, it tends to create 0-1 buckets instead. If all else fails, shift your weights up by half a kilo 🙂

0 Karma
Reply

yap
Explorer
‎02-21-2013 01:35 AM

Thanks Martin

0 Karma
Reply
Get Updates on the Splunk Community!

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

New Release | Splunk Cloud Platform 10.1.2507

Hello Splunk Community!We are thrilled to announce the General Availability of Splunk Cloud Platform 10.1.2507 ...

🌟 From Audit Chaos to Clarity: Welcoming Audit Trail v2

&#x1f5e3; You Spoke, We Listened  Audit Trail v2 wasn’t written in isolation—it was shaped by your voices.  In ...