Solved: Re: How to calculate sum of two field values?

leujinlove · ‎10-29-2014

I got a search result as below.

ClientType count

SI 130
Competotor1 115
Partner 70
Competotor2 20

However, I like to change the result, as sum of the count values of Competotor1 and Competotor2 is Competotor_total and delete the values of Competotor1 and Competotor2.
The changed result will be

ClientType count

Competotor_Total 135
SI 130
Partner 70

Could anyone help me how to do that?

Best Regards.

vasanthmss · ‎10-29-2014

Try this

| eval new_ClientType =if(ClientType LIKE "%Comp%", "Competotor_Total",ClientType ) | stats sum(count) by new_ClientType

V

View solution in original post

vasanthmss · ‎10-29-2014

Try this

| eval new_ClientType =if(ClientType LIKE "%Comp%", "Competotor_Total",ClientType ) | stats sum(count) by new_ClientType

V

leujinlove · ‎10-30-2014

Thanks to you, I could understand 'eval if' function.
Thanks a lot.

neeldesai1992 · ‎10-11-2017

But how did you add two functions?

How to calculate sum of two field values?

Index This | What is broken 80% of the time by February?

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Splunk MCP & Agentic AI: Machine Data Without Limits

Join the Conversation

How to calculate sum of two field values?

Index This | What is broken 80% of the time by February?

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Splunk MCP & Agentic AI: Machine Data Without Limits