Rounding Off Decimal-Values using timechart command in Splunk

Rounding Off Decimal: Timechart command is normally used to show data on a time-basis. When one goes for having average-values of every numerical field sometimes it has decimal values. With this article, you will be shown how to round-off decimal values with the help of timechart command. You will have pictures of sample information.

Rounding Off Decimal

You need to round off every value in this result set. The query is given below.

Outcomes

Explanations

The query method in the image above & bytes are present field names at _internal index & the sourcetype name remains splunkd_ui_access. We’ve taken an average value of bytes-field by method-field. Using the timechart command we need to use Eval & round feature together with the AVG function to have a round-off value of up to three decimal points. Remember for the query to work one needs to specify the number of decimals you require on your round. The guidance above will help you achieve the task without fail.

Difference between User and Power User in Splunk

Leave a Comment