Solved: How to get average of all the summed values?

rakeshyv0807 · ‎03-07-2018

Hi,

I am trying to sum up all the field values grouped by a field value(suppose fieldA) in my initial query and I got a table format grouped by the fieldA and the sum adjacent to each fieldA values. Please refer to the sample below of what my result looks like for the query I run i.e. sourcetype="pfaduit" success NOT SLO NOT OIDC adapterid=* |stats sum(responsetime) as "Total transaction time" by tid

tid:--37c0eKuTSWXpY-UzVEk-jqiAY                           172
tid:--68NI1mHOZKHASRvcX7sAOr5wk                           1937
tid:--7MWVx1vxrdiM_JHAwfutRmhPM                           794
tid:--H5vkWYeGbKoaSGvWOoopV_4ls                           376
tid:--SG6xWW_efHRsWKkfkZBc-W4tk                           767
tid:--ehyUNfx6WAk87KRpUkPtfGznk                           234
tid:--geBC5RN3WRp6FSPG4NRBHNdPc                           642
tid:--ji7I3wuIJMue8OpxPgIuqpRcA                           772
tid:--kaI_bi5DqFevhT3am6D-IA6wA                           518
tid:--lDGH10oApyn_L1dMcaN_fZ1EM                           484

Now, I want to find the average of above values and get a single value as output and display it when I run this report. Can you please help me achieve it?

Thanks in advance.

davpx · ‎03-07-2018

sourcetype="pfaduit" success NOT SLO NOT OIDC adapterid=* |stats sum(responsetime) as "Total transaction time" by tid | stats avg("Total transaction time") as "Average transaction time"

View solution in original post

davpx · ‎03-07-2018

sourcetype="pfaduit" success NOT SLO NOT OIDC adapterid=* |stats sum(responsetime) as "Total transaction time" by tid | stats avg("Total transaction time") as "Average transaction time"

How to get average of all the summed values?

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!