Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Eval function for Variable Calculations

kulwindersandhu
New Member
‎04-19-2020 03:14 AM

I have a logic which I want to implement in Splunk, but I'm getting confused with the syntax.Let me explain what I am trying to achieve:

I have three variables: Multiplier, NAS, Tolls.

Now for weightage I have implemented an idea where the Multipliers will work according to the year it was paid. So, for example:
2020=1, 2019=0.9, 2018=0.8 ----2010=0.

NAS, it will work as an variable which user will have to input but it has to be between 1 to 5.

Tolls, this will be like say X no. of tolls occur in a particular area so, X=x1+x2+x3
X=(No. of tolls*Multiplier of toll occur)

For example, 6 tolls occur in 2018, 3 in 2019 and 6 in 2020. The equation will look like this:
X= {(6*0.8)+(3*0.9)+(6*1)}
X=13.5

Now I want to evaluate the Total Weight, so the formula is=1- NAS(manual input)*X/100, And display the answer.

0 Karma
Reply

to4kawa
Ultra Champion
‎04-19-2020 03:21 PM

I see your logic.

aggregate by eventstats count(tolls) by year.
so you can calculate with eval

0 Karma
Reply
Get Updates on the Splunk Community!

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

The Transformative Power of AI and ML in Enhancing Observability   In the realm of IT operations, the ...

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...