Hello All
I have been looking on the forum for a solution on how to calculate the average weighted. I see several options, but not a clear one using the actual statistical approach: https://en.wikipedia.org/wiki/Weighted_arithmetic_mean.
Basically, I would like to try this:
Hits AVG RT Call
10 5 A
4 3 B
10 3 A
12 6 B
3 7 B
45 8 A
The idea is to follow the algorithm mentioned, calculating sum((hits* AVG RT)/sum(hits)) per call.
I tried on my own, but I am not an expert yet here on Splunk nomenclature.
Any help will be appreciated.
Thank you in advance!
Try adding these 4 lines
...
| eval temp=hits * 'AVG RT'
| eventstats sum(hits) as totalhits sum(temp) as sumtemp
| eval wt_rt = sumtemp / totalhits
| fields - sumtemp totalhits
I think this is close, but doesn't actually capture the "grouped per call" aspect of the original question.