Re: incremental part count per hour

mdmaala · ‎05-07-2019

hi! in my current project, I have to create an area map where it shows the number of parts per hour, I was able to display that. But I also want to display a target part count for the day and for each hour. In my use case, each hour, the target part count should be 10 and for 24 hours the final target should be 240 parts.

here is my search so far: `|savedsearch rename1
|fields Date_Time Username Green Yellow Red
|rex field=Date_Time "(?P\d{4}\/\d{2}\/\d{2})\s(?P\d{2}:\d{2}:\d{2})"
|sort 0 _time Username Green Yellow Red
|streamstats window=1 current=f list(_time) as prevTime list(Green) as RUN
|bucket Time span=1h |stats list(RUN) as Count1 by Time

| appendcols[|savedsearch rename2
|fields Date_Time Username Green Yellow Red
|rex field=Date_Time "(?P\d{4}\/\d{2}\/\d{2})\s(?P\d{2}:\d{2}:\d{2})"
|sort 0 _time Username Green Yellow Reda
|streamstats window=1 current=f list(_time) as prevTime list(Green) as RUN2
|bucket Time span=1h |stats list(RUN2) as Count2 by Time]

|eval Part_Count = Count1 + Count2
|eval Target = round(24hours*10)
|eval Current = round(currenttime * 10)`

daniel_wilson32 · ‎06-15-2019

Have you already debugged that code on some ide or framwork, you could add module which you want to by getting it installed from the authenticated source.

incremental part count per hour

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!