Solved: Re: How to calculate the percentage of total bytes...

jwalzerpitt · ‎10-25-2022

I am having a brain fart on trying to figure out how to find the total bytes per application and the the percent of each app by total bytes.

For example:

app	bytes in GB	percentage
SSL	300GB	23%
DNS	100GB	13%
etc	etc	etc

Current search is this:

index=foo 
| eventstats sum(bytes) as total_bytes 
| stats sum(bytes) as total first(total_bytes) as total_bytes by app 
| eval CompliancePct=round(total/total_bytes,2)

Any help would be appreciated

johnhuang · ‎10-25-2022

<base_search>
| stats sum(bytes) AS bytes by app
| eventstats sum(bytes) AS total_bytes
| eval percentage=ROUND((bytes/total_bytes)*100, 2)." %"
| eval app_size_gb=ROUND(bytes/1073741824, 2)
| eval total_size_gb=ROUND(total_bytes/1073741824, 2)
| table app app_size_gb total_size_gb percentage

View solution in original post

johnhuang · ‎10-25-2022

<base_search>
| stats sum(bytes) AS bytes by app
| eventstats sum(bytes) AS total_bytes
| eval percentage=ROUND((bytes/total_bytes)*100, 2)." %"
| eval app_size_gb=ROUND(bytes/1073741824, 2)
| eval total_size_gb=ROUND(total_bytes/1073741824, 2)
| table app app_size_gb total_size_gb percentage

jwalzerpitt · ‎10-25-2022

TYVM!

How to calculate the percentage of total bytes by app?

stats

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics!

New in Observability Cloud - Explicit Bucket Histograms