cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Aps17
Explorer
Member since: ‎09-24-2020
‎12-30-2021
Community Statistics
Posts 6
Solutions 0
Karma Given 1
Karma Received 2
Member Since ‎09-24-2020
Activity Feed
View All

Re: How to calculate bytes per second for each tra...

by in Getting Data In
‎01-21-2021 06:30 AM
‎01-21-2021 06:30 AM
I am trying to calculate it based on bytes_in and bytes_out information |eval MB=((bytes_in+bytes_out)/1024) |eval GB=(MB/1024) will this query give me the download speed for each response. ... View more

How to calculate bytes per second for each transac...

by in Getting Data In
‎01-21-2021 05:21 AM
‎01-21-2021 05:21 AM
I want to calculate the download speed for each fetched transaction page in bytes per second. transaction pages consist of login page(that has user login details) and openloan pages consist of documents. I want to have data in bytes per second I have written the below query that gives  me response time in second and i would like to add one more field here that would give me data in bytes per second for  fetched  transaction pages. index=app_iis source=*Inetpub* (host=JTCOTWCEMPLW* OR host=JTCOTWCEMPPW* OR host=JTCEP1WPLOSW* OR host=JTCEP1WPPORW*) http_method=GET Uri="*LOSWeb*" Uri="*aspx*" Time_taken!="-" |eval APClientSource=split(Uri,"/"), APClientName=mvindex(APClientSource,1) |search APClientSource="Login.aspx" OR APClientSource="OpenLoan.aspx" |eval "Time_taken(s)"='Time_taken'/1000 |bin _time span=5m |stats avg(Time_taken(s)) as avgURT,distinct_count(C_username) as usercount by host,APClientName,cs_uri_stem,_time |eval avgURT=round(avgURT,0),StdevURT=round(StdevURT,0) ... View more
Labels

Re: how to convert bytes to second in report.

by in Splunk Search
‎10-05-2020 07:17 AM
‎10-05-2020 07:17 AM
Understood.I found the response time in event field. thank you gscusello. ... View more

how to combine 2 separate queries and list there d...

by in Splunk Search
‎10-01-2020 07:03 AM
‎10-01-2020 07:03 AM
e.g QUERY 1: host=jtcstcxbsswb* source="/usr/IBM/HTTPServer/logs/access*" httpmethod="GET" statuscode="200" loaninfo="/api*" OR Requestinfo="*/" OR sitename="*/LoginAccountUserName" |eval APFields=split(loaninfo,"/") |eval APNumOfFields=mvcount(APFields) |eval AP2ndFromLast=mvindex(APFields,APNumOfFields-2) |eval APLoanNumber=mvindex(APFields,6) |eval APLast=mvindex(APFields,-1) |search APLast="loans" OR APLast="summary" OR APLast="payments" |timechart count(APLast), Avg(cookie) as URT  by APLast   Query 2 :sourcetype=apigee:digit* host=JTCLSGLAPGERT* APIProduct=*-Authenticated-Product |timechart span=5m distinct_count(LoginAccountUserName) i want something like this   host=jtcstcxbsswb* source="/usr/IBM/HTTPServer/logs/access*" httpmethod="GET" statuscode="200" loaninfo="/api*"  |eval APFields=split(loaninfo,"/") |eval APNumOfFields=mvcount(APFields) |eval AP2ndFromLast=mvindex(APFields,APNumOfFields-2) |eval APLoanNumber=mvindex(APFields,6) |eval APLast=mvindex(APFields,-1) |search APLast="loans" OR APLast="summary" OR APLast="payments" |stats count(APLast), Avg(cookie) as URT  by APLast |append [search sourcetype=apigee:digit* host=JTCLSGLAPGERT* APIProduct=*-Authenticated-Product |timechart span=5m distinct_count(LoginAccountUserName) ]  |bin _time|stats count(APLast), Avg(cookie) as URT ,distinct_count(LoginAccountUserName) by APLast I am able to get the data  as  Time  | count(APLAST) | URT | LoginAccountUserName (I see only zero values in LoginAccountUserName) how to fetch the LoginAccountUserName data from 2nd query and list it here. ... View more

Re: how to convert bytes to second in report.

by in Splunk Search
‎09-24-2020 05:06 AM
1 Karma
‎09-24-2020 05:06 AM
1 Karma
I am looking to retrieve the user response time for one of the application but here response time is in bytes then how can i get it converted to time format. host=jtcstcxbsswb* source="/usr/IBM/HTTPServer/logs/access*" httpmethod="GET" statuscode="200" loaninfo="/api*" OR Requestinfo="*/" OR sitename="*/LoginAccountUserName" |eval APFields=split(loaninfo,"/") |eval APNumOfFields=mvcount(APFields) |eval AP2ndFromLast=mvindex(APFields,APNumOfFields-2) |eval APLoanNumber=mvindex(APFields,6) |eval APLast=mvindex(APFields,-1) |eval MB=round(((bytes/1024)/1024),2) |bin _time |stats count(APLast), sum(MB) as URT, max(MB) as MaxURT by APLast,_time   this is my query. ... View more

how to convert bytes to second in report.

by in Splunk Search
‎09-24-2020 03:29 AM
1 Karma
‎09-24-2020 03:29 AM
1 Karma
Hello. I'm buliding a report where i want byte to be converted into seconds/millisecond. any idea how to do that  source="/usr/IBM/HTTPServer/logs/access*" httpmethod="GET" statuscode="200"  |eval APFields=split(loaninfo,"/") |chart count(DDMURLLast),avg(DDMTimeTakenSeonds) max(DDMTimeTakenSeonds) stdev(DDMTimeTakenSeonds) by APfields ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎12-30-2021 02:55 AM
Karma from
View All
Karma given to
View All