- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How to sum all values in a column using the "eval" command?
I have a query in which each row represents statistics for an individual person. I want to sum up the entire amount for a certain column and then use that to show percentages for each person.
Example:
Person | Number Completed
x | 20
y | 30
z | 50
From here I would love the sum of "Number Completed" (100) and then use that to add the field like so:
Person | Number Completed | Percentage Completed
x | 20 | 20%
y | 30 | 30%
z | 50 | 50%
I am having trouble thinking of ways to do this without the eval command as I have already gathered statistics "by Person" which is limiting me from gathering the statistics of the whole.
If you could help me out that would be greatly appreciated. Thanks!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Try this run anywhere search:
|makeresults|eval person="x", no="20"|append[|makeresults|eval person="y", no="30"]|append[|makeresults|eval person="z", no="50"]|table person no|stats values(no) as no by person|eventstats sum(no) as total|eval percentage=((no/total)*100)."%"
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
...your search here...
| eventstats sum(NumberCompleted) as total
| eval PercentageCompleted=(NumberCompleted/total)*100
Eventstats will append a field "total" to each row, with the total of the Number column. That can then be used in an eval to calculate the completion per row.
