Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Calculate averaage response time when number of trx > x within last y hours

JYTTEJ
Communicator
‎10-21-2010 01:09 PM

I need to calculate average response time (ELT) by service (SVC) if number of trx by service is >5 within the last 4 hours

Following search result in a list of services where number of trx > 5 during the last 4 hours:

SEARCH earliest=-4h| STATS COUNT BY SVC | where COUNT>5

I now want to calculate AVG(ELT) for these services - but adding:

| timechart AVG(ELT) BY SVC

gives 0 results!

What do I do wrong?

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

gkanapathy
Splunk Employee
Splunk Employee
‎10-21-2010 02:43 PM

search earliest=-4h | stats count,avg(elt) by svc | where count > 5

View solution in original post

0 Karma
Reply
Solved! Jump to solution

ziegfried
Influencer
‎11-18-2010 05:26 PM 
earliest=-4h | stats count,avg(elt) as avg_elt by svc | where count>5 AND avg_elt>0.05
0 Karma
Reply
Solved! Jump to solution
Solution

gkanapathy
Splunk Employee
Splunk Employee
‎10-21-2010 02:43 PM

search earliest=-4h | stats count,avg(elt) by svc | where count > 5

0 Karma
Reply
Solved! Jump to solution

JYTTEJ
Communicator
‎10-22-2010 09:24 AM

Thank you!Now I only want to see those svc where AVG(ELT) is greater than e.g. 0.05 - how do I do that?

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...