sum of all the fields and aggregate sum

shrirangphadke
Path Finder

Hi,

I am having a tough time creating an overall sum and an aggregate sum. Here is my issue:

I have multiple values between client-server:

    source  destination  client_to_server_bytes  server_to_client_bytes
    A   --  B            10                      12
    A   --  B            10                      10
    A   --  C            50                      30
    C   --  D            15                      15
    c   --  D            10                      10

I want to create a table with the addition of the two values in all occurrences. And the final value would be the addition of all the additions:

A -- B 42
A -- C 80
C -- D 50

To get the first addition I did:

my_search ... | eval total_bytes = exact(val_1 + val_2) | table source destination total_bytes

This correctly gave me the following result:

A -- B 22
A -- B 20
...and so on

Now how do I combine them to form a single result?

0 Karma
1 Solution

woodcock
Esteemed Legend

Like this:

 my_search ... | eval total_bytes = exact(val_1 + val_2) | stats sum(total_bytes) by source destination
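An added, self-contained example (not part of woodcock's answer or the original thread) that rebuilds the question's five rows with `makeresults`, so it runs without an index, and appends the overall total the question also asks for. It assumes the byte fields are named as in the question's table header rather than `val_1`/`val_2`, that the lowercase `c` in the last row is the same host as `C` (`stats ... BY` groups case-sensitively, hence the `upper()` step), and the label `ALL` is a constructed value.

```spl
| makeresults
| eval row=split("A,B,10,12;A,B,10,10;A,C,50,30;C,D,15,15;c,D,10,10", ";")
| mvexpand row
| rex field=row "^(?<source>[^,]+),(?<destination>[^,]+),(?<client_to_server_bytes>\d+),(?<server_to_client_bytes>\d+)$"
| eval source=upper(source), destination=upper(destination)
| eval total_bytes = exact(client_to_server_bytes + server_to_client_bytes)
| stats sum(total_bytes) AS total_bytes BY source destination
| addcoltotals labelfield=source label="ALL" total_bytes
```

Without the `upper()` line the `c`/`D` row is reported as its own pair instead of being folded into `C`/`D`.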

shrirangphadke
Path Finder

Very true!

0 Karma

shrirangphadke
Path Finder

It was easy! I am really dumb. Anyway, thanks for your help!!

0 Karma

woodcock
Esteemed Legend

So am I, but Splunk makes even dummies look brilliant!

0 Karma