Solved: Calculate averaage response time when number of tr...

JYTTEJ · ‎10-21-2010

I need to calculate average response time (ELT) by service (SVC) if number of trx by service is >5 within the last 4 hours

Following search result in a list of services where number of trx > 5 during the last 4 hours:

SEARCH earliest=-4h| STATS COUNT BY SVC | where COUNT>5

I now want to calculate AVG(ELT) for these services - but adding:

| timechart AVG(ELT) BY SVC

gives 0 results!

What do I do wrong?

gkanapathy · ‎10-21-2010

search earliest=-4h | stats count,avg(elt) by svc | where count > 5

ziegfried · ‎11-18-2010

earliest=-4h | stats count,avg(elt) as avg_elt by svc | where count>5 AND avg_elt>0.05

gkanapathy · ‎10-21-2010

search earliest=-4h | stats count,avg(elt) by svc | where count > 5

JYTTEJ · ‎10-22-2010

Thank you!Now I only want to see those svc where AVG(ELT) is greater than e.g. 0.05 - how do I do that?

Calculate averaage response time when number of trx > x within last y hours