Making Applied Math Interesting

I have a college friend who after years of working in the IT field decided to become an 8th grade math teacher. This is a noble endeavor. After hearing this, I began to think about what it was like to learn math in my own youth and quickly thought about the usual word problems such as when will two trains intersect if heading at certain speeds at each other or finding the X value given an equation. These type of problem solving skills probably meet the needs of most students, but some want more. In fact, they want their math problems to apply to real world scenarios to make them more realistic and interesting.

This is where Splunk can play …

» Continue reading

Compare Two Time Ranges in One Report

Recently a customer asked me how to show current data vs. historical data in a single report.  It looks like the report below, where one line represents today’s data and another represents yesterday’s data.  This makes it easy to see the relationship between data over any two time ranges.
Two time ranges on one graph
Here is the basic structure of the two time range search, today vs. yesterday:

Search for stuff yesterday | eval ReportKey=”Yesterday” | modify the “_time” field | append [subsearch for stuff today | eval ReportKey=”Today”] | timechart

If you’re not familiar with the “eval”, “timechart”, and “append” commands used above, and the subsearch syntax, here are links to these commands and their associated functions in Splunk’s online documentation:

Eval Command   …

» Continue reading

Astronomy and Summary Indexing

I had the pleasure last week of viewing Saturn’s rings at Rutgers University’s observatory. It was my first time actually seeing the rings through a professional telescope and the planet does look like what we often see in text book pictures. After the viewing, I started thinking that astronomy records a lot of data that needs to be indexed for search and aggregated for reports. I asked the professor conducting the tour if he had any logs for astrometry data and he took out his paper notebook to show it to me. Obviously, in Splunk terms, that was not what I was asking to see.

In seriousness, the professor told me that optical telescopes, radio telescopes, and spectrometers can generate …

» Continue reading