Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to round the average in stats statement?

balash1979
Path Finder
‎08-30-2019 10:30 PM

Here is what i have 

index="docker" (env = region1 OR env = region2)  "job-time" |eval time_in_mins = ('time')/(1000*60)  | stats avg(time_in_mins) as Time by env

How can I round the average to 2 decimals and then show by env ? Tried this but doesnt work
stats eval(round(avg(time_in_mins),2)) as Time by env

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

diogofgm
SplunkTrust
SplunkTrust
‎08-31-2019 04:08 PM

Add this after your stats:
|eval Time = round(Time,2)

------------
Hope I was able to help you. If so, some karma would be appreciated.

View solution in original post

Reply
Solved! Jump to solution
Solution

diogofgm
SplunkTrust
SplunkTrust
‎08-31-2019 04:08 PM

Add this after your stats:
|eval Time = round(Time,2)

------------
Hope I was able to help you. If so, some karma would be appreciated.
Reply
Solved! Jump to solution

tscroggins
Influencer
‎09-01-2019 08:21 AM

This. You don't want to lose precision by rounding before the aggregation. You may also want to look at sigfig, various rounding modes, and the settings and capabilities of floating point math on your architecture, all depending on your use cases.

0 Karma
Reply
Solved! Jump to solution

diogofgm
SplunkTrust
SplunkTrust
‎09-01-2019 02:18 PM

?? Who is rounding before aggregation? I wrote to use the eval after the aggregation...

------------
Hope I was able to help you. If so, some karma would be appreciated.
0 Karma
Reply
Solved! Jump to solution

tscroggins
Influencer
‎09-01-2019 04:14 PM

The original poster. "This" was shorthand for agreeing with you.

Reply
Solved! Jump to solution

Sukisen1981
Champion
‎08-31-2019 12:12 AM 
|  stats  avg(eval(round(time_in_mins,2))) as Time by env
0 Karma
Reply
Solved! Jump to solution

balash1979
Path Finder
‎08-31-2019 03:54 PM

The above doesnt work. I still get the answer with lot of digits after the decimal. It is not rounding.

0 Karma
Reply
Solved! Jump to solution

Sukisen1981
Champion
‎09-01-2019 01:38 AM

hi @balash1979
You have to do what @diogofgm suggests,
This - |stats eval(round(avg(time_in_mins),2)) as Time by env will give you a splunk error, since round is not a function like max, or avg
This - | stats avg(eval(round(time_in_mins,2))) as Time by env will not remove decimals as you rightly pointed out. Even though the round works, in the last instance we again do an avg of the round, so this becomes something like say avg(10) by XXXX
And that won't be a round/whole number

0 Karma
Reply
Get Updates on the Splunk Community!

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...