Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Auto Group Result

yap
Explorer
‎02-21-2013 12:03 AM

Hi,

I would like to group my product based on weight.

Sample logs are:

Product ID | Weight

00368001a1 | 1.4kg

00368001d1 | 1.3kg

00368002a1 | 0.9kg

00368003a1 | 2.0kg

00368004a1 | 1.5kg

I need to set weight(+ or - between 0.5).
0.5 - 1.4kg as A and 1.5 - 2.4kg is group as B
Instead of manually defining as what I am currently doing:
| eval total_weight=case(weight<0.5,"A",weight<1.4,"B",weight<2.4,"C") | stats count by total_weight
Any help is greatly appreciated.

Tags (1)
0 Karma
Reply

martin_mueller
SplunkTrust
SplunkTrust
‎02-21-2013 01:27 AM

Bucket with a span of 1 would give you +/-0.5kg values, you just have to strip off the "kg" first to make it numerical. I'm not sure if you can do 0.5-1.5 groups though, it tends to create 0-1 buckets instead. If all else fails, shift your weights up by half a kilo 🙂

0 Karma
Reply

yap
Explorer
‎02-21-2013 01:35 AM

Thanks Martin

0 Karma
Reply
Get Updates on the Splunk Community!

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...