I works in search, My problem is with Pivot!

it seems that the new calculated attribute needs to be defined in the HTTP object to work with Pivot? I'm looking for a workaround!

Hi Melstrathdee,

Here is an example of my events:
I need to sum the count over a Period of one hour and find the Transaction per second by dividing the sum(count) by 3600

Start Time In MS=1479738420000,Start Time Local=Mon Nov 21 14:27:00 GMT+00:00 2016,End Time In MS=1479738480000,End Time Local=Mon Nov 21 14:28:00 GMT+00:00 2016,Site=W0,Group=HTTP,SourceIP=127.0.0.1,Status=200,URL=http://127.0.0.1:8080/xmlapi/invoke,Count=24,Rate=0.4,Average Latency=1.29166

Place the eval statement that calculates the HTTPSum in your search before you pipe the pivot. This should then make the field available. Hope this helps 🙂

Unfortunately I already tried this,
eval HTTPSum = count/3600| pivot Statistics HTTP sum(HTTPSum) as "TPS" SPLITROW _time AS _time PERIOD hour

I'm still getting the error:
Error in 'PivotCell': The object 'HTTP' has no field 'HTTPSum'.

Thanks rjthibod,

I tried your suggestion but pivot still doesn't like it. I get this error 😞 :
Error in 'PivotCell': The object 'HTTP' has no field '|'.

Any work around would be appreciated.

I need to sum the count over a Period of one hour and find the Transaction per second by dividing the sum(count) by 3600. Following your suggestion, I tried this bu it didn't work. Still getting errors:

| pivot Statistics HTTP sum(count) as HTTPSum | eval HTTPSum = 'HTTPSum'/3600 SPLITROW _time AS _time PERIOD hour