Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

index=Network_data memory_raw!="" | table _time cust_id memory_raw |bin _time span=1d | stats avg(memory_raw) by _time cust_id

akhil36109
New Member
‎01-24-2018 07:02 AM

Hello everyone,
In the above command i got the average memory raw per customer for a day(span=1d).
But i need it for last 14DAYS or atleast for the last 7 days .

i am trying to use "Snap to" but it is not working,could you please help me.
Thank you very much!

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

mayurr98
Super Champion
‎01-24-2018 08:14 AM

hey you can try something like this..also you do not need to add table command as it seems unnecessary for me!
for last 7 days

index=Network_data memory_raw!=""  earliest=-7d latest=now |bin _time span=1d | stats avg(memory_raw) by _time cust_id

for last 14 days

    index=Network_data memory_raw!=""  earliest=-14d latest=now |bin _time span=1d | stats avg(memory_raw) by _time cust_id

let me know if this helps!

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

mayurr98
Super Champion
‎01-24-2018 08:14 AM

hey you can try something like this..also you do not need to add table command as it seems unnecessary for me!
for last 7 days

index=Network_data memory_raw!=""  earliest=-7d latest=now |bin _time span=1d | stats avg(memory_raw) by _time cust_id

for last 14 days

    index=Network_data memory_raw!=""  earliest=-14d latest=now |bin _time span=1d | stats avg(memory_raw) by _time cust_id

let me know if this helps!

0 Karma
Reply
Solved! Jump to solution

akhil36109
New Member
‎01-24-2018 08:40 AM

Thank you!
ya bro now i got each day avg(memory_raw) for last 14 days of each cust_id .

My questions is :

Can i take this data and feed to Machine learning too kit and predict the numeric fieds which is avg(numeric_raw) for next 10 days??

0 Karma
Reply
Solved! Jump to solution

mayurr98
Super Champion
‎01-24-2018 08:47 AM

yes you can,if you have expertise to which algorithm to use and how to feed this in machine learning toolkit.
I do not know how to feed to ML toolkit as I do not have experience on ML.
And if you do not know how to do it then I suggest you to open new ticket ask a question about how can feed this search query to ML toolkit. Also search on splunk answers, if your requirement is already there or not!

let me know if this helps!

0 Karma
Reply
Solved! Jump to solution

akhil36109
New Member
‎01-24-2018 10:22 AM

thank you bro you helped me a lot but i think i need to learn ML

0 Karma
Reply
Solved! Jump to solution

493669
Super Champion
‎01-24-2018 07:35 AM

have you tried to change time range to "Last 7 days"

0 Karma
Reply
Get Updates on the Splunk Community!

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...