About ronnybruska

ronnybruska · ‎05-11-2018

appendpipe did it for me. I have two combined subsearches (different timeframes) so i had to calculate the percentage for the two totals manually: index=xxx "search pattern" dvc=xxx earliest="05/07/2018:00:00:00" latest="05/08/2018:00:00:00" | multikv | timechart span=30m count as today | appendcols [ search index=xxx "search pattern" dvc=xxx earliest="04/30/2018:00:00:00" latest="05/01/2018:00:00:00" | multikv | timechart span=30m count as yesterday ] | eval percentage = round((today / yesterday - 1) * 100, 2) | rename yesterday as "Value1", today as "Value2", percentage as "Percent", _time as "time" | convert ctime("time") | table "time", "Value1", "Value2", "Percent" | appendpipe [ eventstats sum("Value2") as total_today, sum("Value1") as total_yesterday | eval perc_sum = round((total_today / total_yesterday -1) * 100, 2) | stats sum("Value1") as "Value1", sum("Value2") as "Value2", values(perc_sum) as "Percent"] | fillnull value="total" Thank you very much!

ronnybruska · ‎05-09-2018

Hi there, i created a table: Date | Value1 | Value2 | Percentage The last line should be: "total" | total of Value1 | total of Value2 | Percentage change of "total of Value1" and "total of Value2" So i want to calculate two total fields to add a third total field because the last field shouldn't be the total of all percentage. I already got the first 3 fields but could not find out how to add a second field with addtotals addtotals col=true row=false "Value1", "Value2", labelfield="Date" label="total" Is this possible? Thx!

Posts	2
Solutions	0
Karma Given	0
Karma Received	0
Member Since	‎04-27-2018

Online Status	Offline
Date Last Visited	‎06-05-2020 02:04 AM

Addtotals - Percentage of 2 total fields as new fi...

Re: Addtotals - Percentage of 2 total fields as ne...

Addtotals - Percentage of 2 total fields as new fi...