Random or every Nth value

Follow
Avatar
Christopher Cooper

Hi, 

My team and I have a number of transcripts that get sent to sumologic and we would like to do some spot checks of them. What we'd like to do is create a query that randomly selects 10-20 entries and bundles them up for an email. 

It doesn't necessarily have to be random it could be every Nth value for example every 5th entry.

I have yet to find any method of doing this in Sumologic and would like to know if it is possible.

Regards,

Chris 

0

Comments

1 comment

Sort by Date Votes
  • Official comment
    Avatar
    Graham Watts

    Hi Chris,

    On method for sampling results in a query is parsing out the timestamp. You can use parse regex, for example, to parse the number for hours, minutes, and seconds.

    If you have a timestamp with 12:07:22, you can then write a where statement to filter on and sample specific values for hours, minutes, or seconds. For example:

        | where seconds matches "1*" OR seconds matches "3*" seconds matches "5*" 

    Is this what you're looking for?

    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post