Solved: Re: How to add two field values into new field?

vinothkumark

I have a field A which has percentage values. Also, I have a field B which has percentage values in it. Both are different values.

Now I want to create a new field which adds both the values.

A B

10% 30%

20% 50%

30% 70%

The query should fetch me the results like below:

C

40%

70%

100%

fredclown

This should work.

| makeresults
| eval A = "10%"
| eval B = "20%"
```The stuff above is just to get sone sample data```
| eval C = tonumber(replace(A,"\D","")) + tonumber(replace(B,"\D","")) . "%"

View solution in original post

vinothkumark

@fredclown
Thanks for input. It works. Can you help on the query if the values are in decimal?
A B

10.5 20.3

C
30.8

fredclown

This should work.

| makeresults
| eval A = "10%"
| eval B = "20%"
```The stuff above is just to get sone sample data```
| eval C = tonumber(replace(A,"\D","")) + tonumber(replace(B,"\D","")) . "%"

fredclown

This should work with decimals and non-numeric characters.

| makeresults
| eval A = "10.5% sdfgdsfgjlk"
| eval B = "20.2% gdsfdf"
```The stuff above is just to get sone sample data```
| eval C = tonumber(replace(A,"[^0-9\.]+","")) + tonumber(replace(B,"[^0-9\.]+","")) . "%"

How to add two field values into new field?

eval

stats

timechart

New Splunk Observability innovations: Deeper visibility and smarter alerting to ...

Synthetic Monitoring: Not your Grandma’s Polyester! Tech Talk: DevOps Edition

Instrumenting Java Websocket Messaging