Solved: How do you get multiple percentage results in one ...

stephenmeyers · ‎02-15-2019

I would like to report the total number games played per team, and the percentage of wins, losses, and ties by team. Example data:

team=A result=win
team=A result=loss
team=B result=win
team=B result=win
team=B result=tie
team=A result=loss
team=B result=win

Desired Splunk output:

Team    Games Played    Win %    Loss %    Tie %
A       3               33%      66%       0%
B       4               75%      0%        25%

vnravikumar · ‎02-15-2019

Hi @stephenmeyers

Try this, considered column name asTeam,Result in index

your query...| stats count as played, count(eval(Result=="win")) as win,count(eval(Result=="loss")) as loss,count(eval(Result=="tie")) as tie by Team 
| eval loss=round(loss/played*100,2)."%", win=round(win/played*100,2)."%", tie=round(tie/played*100,2)."%" 
| rename played as "Game Played", win as "Win%", loss as "Loss%", tie as "Tie%"

View solution in original post

vnravikumar · ‎02-15-2019

Hi @stephenmeyers

Try this, considered column name asTeam,Result in index

your query...| stats count as played, count(eval(Result=="win")) as win,count(eval(Result=="loss")) as loss,count(eval(Result=="tie")) as tie by Team 
| eval loss=round(loss/played*100,2)."%", win=round(win/played*100,2)."%", tie=round(tie/played*100,2)."%" 
| rename played as "Game Played", win as "Win%", loss as "Loss%", tie as "Tie%"

How do you get multiple percentage results in one table?

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!