Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Calculation of area of a graph

nebel
Communicator
‎11-20-2012 01:01 AM

Hi there,

today I have a special question. I am not sure how to realise this.
I have on the one hand a lot of performance values, like 20, 13, 15. On the other hand I have the time stamps for those performance values. It mean, I can create easily a graph. No I am adding a extra line, called recommendation of 10.

Now we have a graph and a line which is the treshold line.

The idea is now, to calculate the area which is higher than the recommodation. I already found the mathematic phrase but I think there is maybe another way to realise this. With a mathematic phare it is so complex...

Could you please advise me how I can realise this? Any kind of ideas are more than welcome.

Thank you very much in advance

Regards

Tags (3)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

alacercogitatus
SplunkTrust
SplunkTrust
‎11-20-2012 03:18 AM

Calculating area under a curve normally requires calculus and integration to properly calculate. However, you can try and approximate it. What I would do, since you have each of the values of the area points, you can take the points with values higher than your threshold, subtract the threshold value (to get the value above the line) and sum them over the _time of your graph. A search may go something like this.

your_search|eval threshold = 10|where perf_value > threshold|eval diff_threshold = perf_value - threshold|stats sum(diff_threshold) as "Total 'Area' Above the Line"

View solution in original post

0 Karma
Reply
Solved! Jump to solution

nebel
Communicator
‎11-20-2012 05:33 AM

thank you for that.
Do you think it is more exactly with your idea instead of calculate the area?

Thanks

0 Karma
Reply
Solved! Jump to solution
Solution

alacercogitatus
SplunkTrust
SplunkTrust
‎11-20-2012 03:18 AM

Calculating area under a curve normally requires calculus and integration to properly calculate. However, you can try and approximate it. What I would do, since you have each of the values of the area points, you can take the points with values higher than your threshold, subtract the threshold value (to get the value above the line) and sum them over the _time of your graph. A search may go something like this.

your_search|eval threshold = 10|where perf_value > threshold|eval diff_threshold = perf_value - threshold|stats sum(diff_threshold) as "Total 'Area' Above the Line"

0 Karma
Reply
Get Updates on the Splunk Community!

Demo Day: Strengthen Your SOC with Splunk Enterprise Security 8.1

Today’s threat landscape is more complex than ever. Security operation centers (SOCs) are overwhelmed with ...

Dashboards: Hiding charts while search is being executed and other uses for tokens

There are a couple of features of SimpleXML / Classic dashboards that can be used to enhance the user ...

Splunk Observability Cloud's AI Assistant in Action Series: Explaining Metrics and ...

This is the fourth post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how ...