Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Sum Total File Size By Year

caviman2201
Path Finder
‎06-13-2014 02:05 PM

I have the following data:

Time FileName FileSize
5/4/2010 stuff.txt 151
7/15/2010 whatever.txt 252
6/5/2011 things.txt 353
6/7/2012 yes.txt 454
8/5/2012 no.txt 555
9/10/2013 blah.txt 656



What I need is an output showing the number of files from each year and the total size of files from that year. I got the first part by doing:

index=temp_index | stats count by date_year

This outputs:

Date_Year Count
2010 2
2011 1
2012 2
2013 1



What I need is a third column that adds the total file sizes for each year so:

Date_Year Count TotalFileSize
2010 2 403
2011 1 353
2012 2 1009
2013 1 656
Tags (3)
Reply
1 Solution
Solved! Jump to solution
Solution

martin_mueller
SplunkTrust
SplunkTrust
‎06-13-2014 02:11 PM

Try this:

index=temp_index | stats count sum(FileSize) by date_year

View solution in original post

Reply
Solved! Jump to solution
Solution

martin_mueller
SplunkTrust
SplunkTrust
‎06-13-2014 02:11 PM

Try this:

index=temp_index | stats count sum(FileSize) by date_year
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...