Splunk Search

How to fetch the best business week-day for month of September ?

rajakabdual
New Member

Please help me with my search:

index=sales sourcetype=csv  source= sales_new.csv
Tags (1)
0 Karma

kmaron
Motivator
index=sales sourcetype=csv source= sales_new.csv date_month=september date_wday IN ("monday", "tuesday", "wednesday", "thursday", "friday")
| stats sum(sales) as dailysales by date_mday
| sort - dailysales limit=1

This will give you one single day with the most sales that is a weekday.

0 Karma

TISKAR
Builder

Hello,

And if you try this,

index=sales sourcetype=csv source= sales_new.csv date_month=september
| timechart span=1d count

Best

0 Karma

deepashri_123
Motivator

Hey rajakabdual,

Can u try the following query:

index=sales sourcetype=csv source= sales_new.csv earliest=-1mon@mon
| timechart span=1d count

Let me know if this helps!!

0 Karma

somesoni2
Revered Legend

When you do say a business day is "best"? Any specific field that you sum/count?

0 Karma

skoelpin
SplunkTrust
SplunkTrust

Assuming you want the highest count per day over a month period. Try this

 index=sales sourcetype=csv  source= sales_new.csv
| timechart span=1d count
0 Karma

rajakabdual
New Member

Hi skoelpin, thanks for answering but my query is i need only September month business weekdays only

0 Karma

adonio
Ultra Champion

please share some more love so we can better assist you
do you have time fields? a little sample data will help

0 Karma

rajakabdual
New Member

yes adonio, here some of my time fields are date_wday ,date_month

0 Karma
Get Updates on the Splunk Community!

See just what you’ve been missing | Observability tracks at Splunk University

Looking to sharpen your observability skills so you can better understand how to collect and analyze data from ...

Weezer at .conf25? Say it ain’t so!

Hello Splunkers, The countdown to .conf25 is on-and we've just turned up the volume! We're thrilled to ...

How SC4S Makes Suricata Logs Ingestion Simple

Network security monitoring has become increasingly critical for organizations of all sizes. Splunk has ...