Is there a way I can group a window of 3 time points and add it as a field with the last two remaining being ignored?
I'm trying to classify time series patterns using a support vector machine with the Splunk MLTK and I'm unsure how to get the data in these windows.
For example, my data has the _time and amount fields, and I would like to add the windows field:
```
_time     amount  windows
XX:12:XX  6       [6, 8, 4]
XX:13:XX  8       [8, 4, 4]
XX:14:XX  4       [4, 4, 3]
XX:15:XX  4       [4, 3, 2]
XX:16:XX  3       ...
XX:17:XX  2       ...
```