We have monthly data for each SBU and we want to setup an alert if any total increase more than 5% for up coming month.
index=mydata | bin span=1mon _time | stats sum(total) as Total_Val by _time, SBU | sort +SBU -_time
Can you please help us to write a Splunk query to filter if any total increase more than 5% comparing with previous month.
Note: We have more than 50 SBU.
↧