How to add percentages to all the fields?

inkedia · ‎04-13-2022

| lookup local=true ipasncidr_def CIDR as dest_ip output Organization
| lookup src_eonid_name.csv SRC_EONID OUTPUT "SRC_EONID NAME"
| top limit=3 "SRC_EONID NAME", dest_ip, dest_port, servicenow, Organization by SRC_EONID
| stats values(dest_ip) as "Destination" dc(dest_ip) as "Destination IP count" values(Organization) as "Organization" values(dest_port) as "Dest Ports" values(servicenow) as "Service now Tickets" by "SRC_EONID NAME" SRC_EONID

Hi everyone.
So I have this query that is being saved as dashboard(statistical table.). Is there a way I can include percentages for all the fields captured in the statistical table.

bowesmana · ‎04-13-2022

It looks like you only have 1 numerical field in your output - dc(dest_ip). What would the percentage show that you want and what do you want the percentage to show for the other fields, e.g. Service now Tickets?

inkedia · ‎04-13-2022

This is what I'm trying to achieve

SRC_EON NAME

SRC_EON

Dest IP

Organization

Service now ticket

Dest port

ABA

3311

********* 88.94%

********* 5.12%
********* 3.32%
others

Google
Microsoft

TASK132325 80%

449 100%

How to add percentages to all the fields?

other

stats

table

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?