Eval function for Variable Calculations

kulwindersandhu · ‎04-19-2020

I have a logic which I want to implement in Splunk, but I'm getting confused with the syntax.Let me explain what I am trying to achieve:

I have three variables: Multiplier, NAS, Tolls.

Now for weightage I have implemented an idea where the Multipliers will work according to the year it was paid. So, for example:
2020=1, 2019=0.9, 2018=0.8 ----2010=0.

NAS, it will work as an variable which user will have to input but it has to be between 1 to 5.

Tolls, this will be like say X no. of tolls occur in a particular area so, X=x1+x2+x3
X=(No. of tolls*Multiplier of toll occur)

For example, 6 tolls occur in 2018, 3 in 2019 and 6 in 2020. The equation will look like this:
X= {(6*0.8)+(3*0.9)+(6*1)}
X=13.5

Now I want to evaluate the Total Weight, so the formula is=1- NAS(manual input)*X/100, And display the answer.

to4kawa · ‎04-19-2020

I see your logic.

aggregate by eventstats count(tolls) by year.
so you can calculate with eval

Eval function for Variable Calculations

Observability Unlocked: Kubernetes Monitoring with Splunk Observability Cloud

Update Your SOAR Apps for Python 3.13: What Community Developers Need to Know

October Community Champions: A Shoutout to Our Contributors!

Are you a member of the Splunk Community?

Eval function for Variable Calculations

Observability Unlocked: Kubernetes Monitoring with Splunk Observability Cloud

Update Your SOAR Apps for Python 3.13: What Community Developers Need to Know

October Community Champions: A Shoutout to Our Contributors!