Hello fellow Splunkers!

ipc=ipc1-r6c10 Intake-Temperature=70 Exhaust-Temperature=82 Humidity=44% Amps=6 Voltage=351 Watts=2106

ipc=ipc1-r6c11 Intake-Temperature=64 Exhaust-Temperature=81 Humidity=55% Amps=14 Voltage=349 Watts=4886

ipc=ipc1-r6c4 Not responding

Given the preceding with many more ipc(power controllers) each as it own event, how do I generate the total Wattage across all IPC's for a given polling period? The script that generates these events runs every 10 minutes.

So far I have figured out how to group the events for a given polling period as one event with transactions:

index="datacenter-stats" | transaction maxspan=350s

Now I want to sum Watts for each event in its own column; However, when I try to add up the Watts totals the resulting table always has nothing in the TotalPower column.

index="datacenter-stats" | transaction maxspan=350s | addtotals fieldname=TotalPower Watts | table *

Interestingly If I change the maxspan value to something like 10s which combines the source events into some events with a few lines each, the events with one value in the Watts column are displaying the correct TotalPower. This isn't all that useful because it only gets me the one power controller total which I already have.

index="datacenter-stats" | transaction maxspan=10s | addtotals fieldname=TotalPower Watts | table *

Screen Shot

In summary, How do I sum the value of fields in one event into a new field within that same event or another event, such that I eventually can then graph that fields change over time.