i have a question regarding the chart command. I am trying to execute a search splunk command that shows both the count and percentage of the count in one chart command: so here is an example of splunk command that currently only shows the count and the total count: source="xyz" http_status_code | chart count by path_template, http_status_code | addtotals col=t This command shows each count of the http_status_code (y axis) and the path_template (x axis) and showing the total of the counts of all the http_status_code. Now i need to add the percentage (count/total) of each count when i know the number of counts. e.g. 40 (5%) or something like that. How would i do that using chart? Thanks!
i have a question regarding the chart command. I am trying to execute a search splunk command that shows both the count and percentage of the count in one chart command: so here is an example of splunk command that currently only shows the count and the total count: source="xyz" http_status_code | chart count by path_template, http_status_code | addtotals col=t This command shows each count of the http_status_code (y axis) and the path_template (x axis) and showing the total of the counts of all the http_status_code. Now i need to add the percentage (count/total) of each count when i know the number of counts. e.g. 40 (5%) or something like that. How would i do that using chart? Thanks!
source="xyz" http_status_code
| chart count by path_template, http_status_code
| addtotals col=t
| eval percentage=round(100*count/total,2)."%"
| chart count, percentage by path_template, http_status_code