Solved: Find the date on max value

jgan · ‎09-20-2019

I have a table below, how can I find the date I have the most income? Thanks.

date Income

9/18/2019 20.7651
9/17/2019 20.7656
9/16/2019 20.7539
9/13/2019 20.7661
9/12/2019 20.762
9/11/2019 20.7502
9/10/2019 20.7162
9/9/2019 20.7163
9/6/2019 20.716
9/5/2019 20.7055
9/4/2019 20.6596
9/3/2019 20.6115

richgalloway · ‎09-20-2019

Here's one way, there may be others.

<your search> | streamstats window=0 max(income) as maxIncome | where income=maxIncome

---
If this reply helps you, Karma would be appreciated.

View solution in original post

jgan · ‎09-22-2019

streamstats did not work for me for some reasons, but eventstats works!

richgalloway · ‎09-20-2019

Here's one way, there may be others.

<your search> | streamstats window=0 max(income) as maxIncome | where income=maxIncome

---
If this reply helps you, Karma would be appreciated.

Find the date on max value

[Puzzles] Solve, Learn, Repeat: Word Search

[Puzzles] Solve, Learn, Repeat: Advent of Code - Day 4

GA: S3 Promote for Historical Data Ingestion in Splunk Cloud

Join the Conversation

Find the date on max value

[Puzzles] Solve, Learn, Repeat: Word Search

[Puzzles] Solve, Learn, Repeat: Advent of Code - Day 4

GA: S3 Promote for Historical Data Ingestion in Splunk Cloud