Solved: How to calculate moving standard deviation in Splu... - Splunk Community

Splunk Search

_time, Prev Week(count),Prev 2 week(count),avg,3*Std Dev,Current count,Delta,RAG
1:30 8 7 7.5 2.121320344 8 0.5 OK
2:00 9 9 9 0 5 4 Alert
2:30 10 11 10.5 2.121320344 11 0.5 OK
3:00 11 10 10.5 2.121320344 8 2.5 Alert
3:30 12 12 12 0 7 5 Alert
4:00 12 12 12 0 10 2 Alert
4:30 13 14 13.5 2.121320344 8 5.5 Alert
5:00 13 13 13 0 8 5 Alert
5:30 14 13 13.5 2.121320344 7 6.5 Alert

1 Solution

Solution

Streamstats lets you calculate many statistical functions over any window: http://docs.splunk.com/Documentation/Splunk/7.0.2/SearchReference/streamstats

View solution in original post

refer this, you will get some idea.

http://docs.splunk.com/Documentation/Splunk/7.0.2/Search/Findingandremovingoutliers

Solution

Streamstats lets you calculate many statistical functions over any window: http://docs.splunk.com/Documentation/Splunk/7.0.2/SearchReference/streamstats

Get Updates on the Splunk Community!

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

The Transformative Power of AI and ML in Enhancing Observability In the realm of IT operations, the ...

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open! conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor. HEC Receiver authorization ...