Geeking out on Splunk and IT Security


Advent of code in SPL - 2025 day 9
Day 9 is here. Part 1 The first part is easy. We already know how to enumerate pairs from day 8, so all we have to do is that plus calculate the area. So as usual we save the challenge data to a csv, add a header line of "x,y" at the top, upload to splunk as a new lookup, and we can easily upgrade to the full challenge data for part 1: That was easy! Part 2 Now this is another story. I'm just going to document the various ideas and iterations I went through, just because it's
Gabriel Vasseur
Mar 15 · 9 min read


Advent of code in SPL - 2025 day 8
Day 8 is here. Part 1 So the first challenge is to enumerate all possible pairs. Let's play with very simple data to start with: I guess eventstats is a good way to bring all of the events into each of the events: Now we just have to mvexpand item2. But there are a couple of problems: we can't have pairs made of the same event twice, that's not possible; and the order doesn't matter in pairs, so we need to dedup them somehow. Cool, so now we know how to enumerate pairs. Let's ap
Gabriel Vasseur
Mar 3 · 4 min read


Advent of code in SPL - 2025 day 7
Day 7 is here. Part 1 - visual solution One thing I've learned about myself with these challenges is that I always want to make the solution as splunky as possible. For me that means starting with a stream of events, i.e. treating the challenge data as one event per line, and pretending they are indexed events in splunk. That's also why I wanted to use timed lookups in day 5. Of course, that kind of approach is not always ideal for this type of programming challenge, and i
Gabriel Vasseur
Feb 27 · 6 min read


Advent of code in SPL - 2025 day 6
Day 6 is here. As always we save the challenge data as a csv file, add a column header (just one column called "math"), and upload it to splunk: Part 1 Cephalopod math is organised in columns, which goes against the grain in splunk. So a good first step would be to transpose it. Before we can do that, we need to give a name to each field: Then we can use the transpose command: Then we need to split each field on spaces: Note: sadly split does not take a regular expres
Gabriel Vasseur
Feb 20 · 3 min read