We have a data in splunk that is basically DATE/APPLNAME/COUNT, there are about 15 applications, and we would like to create a table that shows by application, the current days count, the 7 day ave...
See more...
We have a data in splunk that is basically DATE/APPLNAME/COUNT, there are about 15 applications, and we would like to create a table that shows by application, the current days count, the 7 day average, and the variance of today, to the average. I've tried a number of things with different searches like appendcols, but not getting the results. I can produce the count or the average, but can't seem to put them together correctly.