We are recording every order we receive as an event. What I'd like to do is get a count every 15 minutes, in real time, of how many orders have come in and, based on the last three weeks to that day, see if there was a deviation.
E.g. 4:45pm Thurs Sept 4th would be compared to Aug 28th, 21st and 14th on the graph. Also we'd like to measure the std dev to see if it is +/- 1 and alert if it is.
I know we can do this in Splunk but I can't seem to 1. get the timechart/timewrap done right and 2. tell Splunk how to compare specific days of the prior 3 weeks.
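One way to build the comparison described in the question, as an added example that is not part of the original post: it counts orders per 15-minute bucket, keeps the last complete bucket plus the same bucket 1, 2 and 3 weeks earlier, and flags the current count when it is more than one standard deviation from the three-week mean. The index and sourcetype names are placeholders, and reading "+/- 1" as "more than one standard deviation from the mean" is an assumption.

```spl
index=your_orders_index sourcetype=your_order_sourcetype earliest=-22d@d latest=now
| timechart span=15m count AS orders
| eval current_slot = floor(now() / 900) * 900 - 900
| eval weeks_back = (current_slot - _time) / 604800
| where weeks_back=0 OR weeks_back=1 OR weeks_back=2 OR weeks_back=3
| stats max(eval(if(weeks_back=0, orders, null()))) AS current_orders
        avg(eval(if(weeks_back>0, orders, null()))) AS baseline_avg
        stdev(eval(if(weeks_back>0, orders, null()))) AS baseline_stdev
        sum(eval(if(weeks_back>0, 1, 0))) AS baseline_weeks
| eval deviation = if(baseline_stdev > 0, round((current_orders - baseline_avg) / baseline_stdev, 2), null())
| eval status = case(baseline_weeks < 3, "incomplete baseline",
                     isnull(deviation) AND current_orders != baseline_avg, "alert",
                     abs(deviation) > 1, "alert",
                     true(), "ok")
| where status != "ok"
```

`timechart` is used instead of `stats ... BY _time` so that a bucket with zero orders still appears as a row with `orders=0` rather than vanishing from the comparison. The week offsets are fixed at 604800 seconds, so across a daylight-saving change the baseline bucket shifts by an hour of wall-clock time.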