Solved: Sum Total File Size By Year - Splunk Community

Splunk Search

I have the following data:

Time	FileName	FileSize
5/4/2010	stuff.txt	151
7/15/2010	whatever.txt	252
6/5/2011	things.txt	353
6/7/2012	yes.txt	454
8/5/2012	no.txt	555
9/10/2013	blah.txt	656

What I need is an output showing the number of files from each year and the total size of files from that year. I got the first part by doing:

index=temp_index | stats count by date_year

This outputs:

Date_Year	Count
2010	2
2011	1
2012	2
2013	1

What I need is a third column that adds the total file sizes for each year so:

Date_Year	Count	TotalFileSize
2010	2	403
2011	1	353
2012	2	1009
2013	1	656

1 Solution

Solution

Try this:

index=temp_index | stats count sum(FileSize) by date_year

View solution in original post

Solution

Try this:

index=temp_index | stats count sum(FileSize) by date_year

Get Updates on the Splunk Community!

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas Cisco Live 2026 is almost here, and this ...

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Hello Splunkers, So you searched, “what is the name of the usb key inserted by bob smith?” Not gonna lie… ...

Automating Threat Operations and Threat Hunting with Recorded Future

Automating Threat Operations and Threat Hunting with Recorded Future June 29, 2026 | Register Is your ...