Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Can anyone please help in finding percent_rank of a field

sahil237888
Path Finder
‎12-18-2019 07:48 AM

Can anyone please help what could be the equivalent to SQL's "percent_Rank" command in splunk

select host, count(*) "pings",
TRUNC(PERCENT_RANK(200) WITHIN GROUP (ORDER BY proc_time) * 100, 2) || '%' "PingTime (% < 50 mSec)" from servers GROUP BY host ORDER BY 2 DESC
0 Karma
Reply

to4kawa
Ultra Champion
‎12-18-2019 11:48 AM 
your search
| top limit=200 proc_time by host
| eval "PingTime (% < 50 mSec)"=round(percent,2)."%"

It is like this.

0 Karma
Reply

woodcock
Esteemed Legend
‎12-18-2019 10:45 AM

You should just be able to pipe your data to top and get what you need:
https://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Top
Or, if you mean percentiles, then you can use stats percX(Y) function for that:
https://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Aggregatefunctions#perc.26lt.3BX...

0 Karma
Reply

oscar84x
Contributor
‎12-18-2019 09:16 AM

I am not familiar with that command but perhaps some of the functions in the link below could help?

https://docs.splunk.com/Documentation/Splunk/8.0.0/SearchReference/Aggregatefunctions

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...