Solved: How to get results for how often each alarm type o...

marenastrauss · ‎08-30-2019

I have uploaded alarm logs into Splunk. I would like to be able to show results for how often each alarm type occurs in percentage.

For example, the percentage of total alarms that Alarm 1 makes up and the percentage that Alarm 2 takes up, to see which alarm occurs more.

Thank you!

renjith_nair · ‎08-30-2019

@marenastrauss ,

In general , below should work

"your search"|stats count by alarm_type|eventstats sum(count) as total | eval perc=round((count/total)*100)

---
What goes around comes around. If it helps, hit it with Karma 🙂

renjith_nair · ‎08-30-2019

@marenastrauss ,

In general , below should work

"your search"|stats count by alarm_type|eventstats sum(count) as total | eval perc=round((count/total)*100)

---
What goes around comes around. If it helps, hit it with Karma 🙂

marenastrauss · ‎08-30-2019

That worked! I had to do it without round though because then it only gives back 0's. Thank you!

Sukisen1981 · ‎08-30-2019

hi @marenastrauss
Then please accept the answer of @renjith.nair

How to get results for how often each alarm type occurs in percentage