Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How do I add an extra row to calculate the average of the rows above?

BobKimata
Path Finder
‎03-30-2015 05:38 PM

I have connected to my database using Splunk DBConnect and using a simple sql query I have managed to get some data from the table. However I would like to have just one entry displayed that contains the average of the data above. How do I go about that? I am new to splunk.

Tags (2)
Reply

jawaharas
Motivator
‎03-11-2019 06:34 PM

This works for me.

..| timechart span=1d count|appendpipe [stats avg(count) as Average]

Thanks to @echalex

0 Karma
Reply

echalex
Builder
‎08-03-2018 04:15 AM

The correct command for this would be appendpipe.

Say you have something like: ...|stats sum(score) AS totalscore by item. Then you can do this: ...|appendpipe [stats avg(totalscore) AS totalscore |eval item="AVERAGE"]. (You need to use AS in appendpipe in order to put the average in the same column. You can leave item empt, if you want.)

Reply

vganjare
Builder
‎03-30-2015 11:08 PM

Hi,

You can try using search command addcoltotals.

Thanks!!

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler

From Idea to Implementation: Why Splunk Built mTLS into Splunk Enterprise 10.0  mTLS wasn’t just a checkbox ...