Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

percent of results per bin

tp29
Engager
‎10-09-2024 08:09 AM

Hi all,

New to splunk, running out of ideas, please help!

I have created a search to show:

| bin span=10m _time

| stat count by _time

This gives me two columns - the time interval in 10 minutes bins, and the number of results within that bin.

What I would like to do is expand on this search and show the % of bins over a time range that have > =10 results 

 

cheers

Labels (6)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

ITWhisperer
SplunkTrust
SplunkTrust
‎10-09-2024 08:27 AM 
| bin span=10m _time
| stat count by _time
| stats count(eval(count>=10)) as count10plus count as total
| eval percent=100*count10plus/total

View solution in original post

Reply
Solved! Jump to solution
Solution

ITWhisperer
SplunkTrust
SplunkTrust
‎10-09-2024 08:27 AM 
| bin span=10m _time
| stat count by _time
| stats count(eval(count>=10)) as count10plus count as total
| eval percent=100*count10plus/total
Reply
Solved! Jump to solution

tp29
Engager
‎10-10-2024 01:01 AM

That works perfectly.
Thank you very much 🙏

0 Karma
Reply
Get Updates on the Splunk Community!

.conf25 Community Recap

Hello Splunkers, And just like that, .conf25 is in the books! What an incredible few days — full of learning, ...

Splunk App Developers | .conf25 Recap & What’s Next

If you stopped by the Builder Bar at .conf25 this year, thank you! The retro tech beer garden vibes were ...

Congratulations to the 2025-2026 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...