knowledge20
Reputation: 1436
Finding avg response time using splunk query
I have a log line stating
Received App information from Source and processed in ms: 467
Now I would like to find the avg response time for the app which would be avg values for the time received after ms: Can you please guide me how do I extract the value of time (ms) and then find average response time
Upvotes: 0
Views: 7036
Answers (1)
whng
Reputation: 236
You can use Splunk's rex command to extract new fields at search time.
Next, you will need to use the stats command along with the avg function to get the average response time over all events.
Here is the full Splunk query:
| makeresults | eval _raw="Received App information from Source and processed in ms: 467"
| rex field=_raw "processed in ms:\s+(?<response_time>\d+)"
| stats avg(response_time)
Upvotes: 3
Related Questions
- Query for calculating duration between two different logs in Splunk
- Splunk getting average TPS for each service
- Find Pod Count in splunk search
- DateTime format search in the splunk search query
- Splunk get the response time in the log and use it for graph
- Writing a Splunk Query - Unique Count of Initial Access Key Usage from Cloudtrail
- Splunk query substract time
- How get max count of request in time in splunk
- Graphing response times with Kibana
- elasticsearch avg query and fetch time