×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
TwitchyB
New Member
Member since: ‎01-31-2024
‎02-01-2024
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎01-31-2024
Activity Feed
Topics I've Started
View All

Re: Event Count by Average Overtime

by in Splunk Search
‎02-01-2024 05:32 AM
‎02-01-2024 05:32 AM
Thank you for your reply. I've sort of gotten that far, but where I'm really struggling is trying to make each index their percentage of their respective thruput, sorry if I didn't clarify that in the question.  ... View more

Event Count by Average Overtime

by in Splunk Search
‎01-31-2024 01:17 PM
‎01-31-2024 01:17 PM
Hello, I'm starting out on my splunk journey and have been tasked with figuring out a dashboard for my executives. I created a layout for a dashboard and had the idea of creating a chart, but have been struggling with the logic.  What I'm looking to do is have a the count/average count over time by time so I have a chart of percentages of the day against their average thruput. I had a few ideas for the search but none seemed to work. could someone give me some direction please on what I've gotten so far? (its definitely wrong) index=* | where index="Index 1" OR index="Index 2" OR index="Index 3" | eval Count=sum(count(index)) / "something something something to get the average" | timechartcount by Count ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎02-01-2024 08:54 AM