Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to calculate the columns and draw charts from SPLUNK DB connect query output

deepthi5
Path Finder
‎04-30-2015 02:39 AM

Hello Team,

Here is the issue scenario i am facing i have got a DB with the following columns
ID
SERVICE_NAME
SERVER_ID
volume
START TIME END TIME

I want to draw a chart using these columns. Example:For each server Total items =SUM(VOLUME), processing time= Start time- End time,
I have configured Db connect and retrieved the required columns. now i am not understanding how should i do these calculations to the db query

db query--> Select SERVICE_NAME,Volume from xxxx WHERE SERVICE_NAME='xxxx'

stats sum(Volume) as totalitems by _time,SERVER_ID

can some one tell me how should i combine both

Thanks ,
Deepthi

0 Karma
Reply

fdi01
Motivator
‎05-01-2015 05:58 AM

to combine both try like this:

|dbquery  YOUR_NAME_DB  "Select SERVICE_NAME,Volume from xxxx WHERE SERVICE_NAME='xxxx' "| stats sum(Volume) as totalitems by _time,SERVER_ID
0 Karma
Reply

deepthi5
Path Finder
‎05-04-2015 03:26 AM

I have tried that but it did not work out please help me out i am stucked here

0 Karma
Reply

vganjare
Builder
‎05-04-2015 03:47 AM

Hi deepthi5,

What output you are getting? And what is the expected output?

Thanks.

0 Karma
Reply

vganjare
Builder
‎04-30-2015 04:35 AM

Hi,

You can try using dbquery command from DBConnect app. You can also combine the splunk commands once you get the results.

http://answers.splunk.com/answers/121145/combine-db-connect-and-search-data.html

More details @ http://docs.splunk.com/Documentation/DBX/latest/DeployDBX/Commands

Thanks,
Vishal

0 Karma
Reply
Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

This challenge was first posted on Slack #puzzles channelFor a previous puzzle, I needed a set of fixed-length ...

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

  🚀 Your data just got a serious AI upgrade — are you ready? Say hello to the Agentic Era with the ...

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...