Hi,
Novice to Splunk, I've indexed some data and now want to perform some reports on it.
My main requirement is that I need to get stats on response times as follows by grouping them by how long they took. The report would look similar to the following:
Cum. response %
Running Avg
No of Transactions
<0.5 sec
55.89
0.31
268,676
<1.0 sec
96.58
0.45
195,582
<1.5 sec
98.98
0.47
11,578
<2.0 sec
99.39
0.47
1,976
I need to group in .5 second intervals up to 5 seconds and then 1 second intervals after that up to 10 seconds, with the final row being for everything over 10 seconds. Thie field being grouped on is a numeric field that holds the number of milliseconds for the response time.
Being new to Splunk, I have no idea about how to do the grouping, so I would be grateful for suggestions.
Cheers,
Rob
... View more