Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to search and calculate the average for the top 70 percent of a field?

bkcstone
Engager
‎09-05-2014 10:12 PM

How to calculate the average for top 70%. A field in log contains a value. I need to ignore the least 30% and then calculate average.

Tags (3)
Reply
1 Solution
Solved! Jump to solution
Solution

strive
Influencer
‎09-05-2014 10:31 PM

Try this

some search terms.. | sort 0 - Field_Of_Interest | streamstats count as Rank | eventstats count as TotalRows | where Rank<(TotalRows * 0.7) | stats avg(Field_Of_Interest) as Required_Average

View solution in original post

Reply
Solved! Jump to solution
Solution

strive
Influencer
‎09-05-2014 10:31 PM

Try this

some search terms.. | sort 0 - Field_Of_Interest | streamstats count as Rank | eventstats count as TotalRows | where Rank<(TotalRows * 0.7) | stats avg(Field_Of_Interest) as Required_Average
Reply
Get Updates on the Splunk Community!

Devesh Logendran, Splunk, and the Singapore Cyber Conquest

At this year’s Splunk University, I had the privilege of chatting with Devesh Logendran, one of the winners in ...

There's No Place Like Chrome and the Splunk Platform

WATCH NOW!Malware. Risky Extensions. Data Exfiltration. End-users are increasingly reliant on browsers to ...

Customer Experience | Join the Customer Advisory Board!

Are you ready to take your Splunk journey to the next level? &#x1f680; We invite you to join our elite squad ...