Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Using stats - how to correlate a value to time of day?

briang67
Communicator
‎10-29-2010 06:16 PM

Hello,

I have an app where I'm splunking a sales price of an item that fluctuates throughout the day. Is there a way using the stats command to correlate whether it's more likely for the price to be a certain value at a certain time of day? Like would the product sales price tend to be lower earlier rather than later in the day... Would the analyzefields function be used for this?

Thanks

Tags (1)
0 Karma
Reply

sideview
SplunkTrust
SplunkTrust
‎10-29-2010 06:53 PM

I'd start with something like this: 

<your search> | stats min(price) max(price) avg(price) by date_hour | sort date_hour

or maybe if there's also variation from products to products (Im making up a field called productCategory)

<your search> | chart avg(price) over date_hour by productCategory
Reply

gkanapathy
Splunk Employee
Splunk Employee
‎10-29-2010 07:22 PM

If that's what you're looking for, you should look for correlations between date_hour and price, perhaps using correlate or analyzefields.

0 Karma
Reply

briang67
Communicator
‎10-29-2010 07:16 PM

I've actually done something similar to both these approaches, but I'm looking for something more like "tell me that there's a correlation to a particular time of day, so I should run the timechart". I'm tracking multiple products so I want to spot the one that correlates better than others, or the ones that seem to have a lower price at specific times of the day. Something like show me the std deviation of the sales price across time slices. ie. Check the prices for the same item on subsequent days at 2PM, 3PM, 4PM, etc to find the lowest value.

Thank you

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...