splunk

I've been working with Splunk Enterprise a lot lately (and it's very powerful and easy to use!). In many situations, it is useful to show some metric compared to the same metric a month ago (or some other time period).

One way to accomplish this is with the community-supported Splunk app, Timewrap. I couldn't get Timewrap to output the data as I wanted, so instead here's the approach that I used.