Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

percent of results per bin

tp29
Engager
‎10-09-2024 08:09 AM

Hi all,

New to splunk, running out of ideas, please help!

I have created a search to show:

| bin span=10m _time

| stat count by _time

This gives me two columns - the time interval in 10 minutes bins, and the number of results within that bin.

What I would like to do is expand on this search and show the % of bins over a time range that have > =10 results 

 

cheers

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

ITWhisperer
SplunkTrust
SplunkTrust
‎10-09-2024 08:27 AM 
| bin span=10m _time
| stat count by _time
| stats count(eval(count>=10)) as count10plus count as total
| eval percent=100*count10plus/total

View solution in original post

Reply
Solved! Jump to solution
Solution

ITWhisperer
SplunkTrust
SplunkTrust
‎10-09-2024 08:27 AM 
| bin span=10m _time
| stat count by _time
| stats count(eval(count>=10)) as count10plus count as total
| eval percent=100*count10plus/total
Reply
Solved! Jump to solution

tp29
Engager
‎10-10-2024 01:01 AM

That works perfectly.
Thank you very much 🙏

0 Karma
Reply
Get Updates on the Splunk Community!

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

As of Splunk Cloud Platform 9.3.2408 and Splunk Enterprise 9.4, classic dashboard export features are now ...