Feature addtotals and addcoltotals

[asifabashar]

Description

Is your feature request related to a problem?
addtotals command to show total of all columns of each row as a new column , and also have option to show total of all rows of each column values to show at the end of rows.
Fixes issue #4607
From roadmap #4287

addcoltotals command to show total of each column's all rows values to show at the end of rows.
From roadmap #4287

What solution would you like?
command: addtotals ,addcoltotals
addtotals: Add totals across rows by default and also calculate total across columns when col=true

The addtotals command computes the arithmetic sum of all numeric fields for each search result.

You can specify a list of fields that you want the sum for, instead of calculating every numeric field.
The sum is placed in a new field.

If col=true, the addtotals command computes the column totals, which adds a new result at the end that represents the sum of each field.
labelfield, if specified, is a field that will be added to this summary event with the value set by the label option.

Alternatively, instead of using the addtotals col=true command, you can use the addcoltotals command to calculate a summary event.

labelfield, if specified, is a field that will be added at the last row of the column specified by labalfield with the value set by the 'label' option.

Syntax
addtotals [row=] [col=] [labelfield=] [label=] [fieldname=] []

Required arguments
None.
Optional arguments
row
Syntax:
row=

Description:
Specifies whether to calculate the sum of the for each event.
This is similar to calculating a total for each row in a table.
The sum is placed in a new field. The default name of the field is Total.
If you want to specify a different name for the field, use the fieldname argument.

Usage:
Because the default is row=true, specify the row argument only when you do not want the event totals to appear (row=false).

Default:
true

col

Syntax:

col=

Description:
Specifies whether to add a new event, referred to as a summary event, at the bottom of the list of events.
The summary event displays the sum of each field in the events, similar to calculating column totals in a table.

Default:
false

fieldname

Syntax:

fieldname=

Description:
Used to specify the name of the field that contains the calculated sum of the field-list for each event.
The fieldname argument is valid only when row=true.

Default:
Total

field-list
Syntax: ...

Description: One or more numeric fields, delimited with a space. Only the fields specified in the are summed. If a is not specified, all numeric fields are included in the sum.

Usage: You can use wildcards in the field names. For example, if the field names are count1, count2, and count3 you can specify count* to indicate all fields that begin with 'count'.

Default: All numeric fields are included in the sum.

labelfield
Syntax: labelfield=

Description:
Used to specify a field for the summary event label.
The labelfield argument is valid only when col=true.

To use an existing field in your result set, specify the field name for the labelfield argument.
For example, if the field name is IP, specify labelfield=IP.

If there is no field in your result set that matches the labelfield, a new field is added using the labelfield value.

Default:
none

label
Syntax:

label=

Description:
Used to specify a row label for the summary event.

If the labelfield argument is an existing field in your result set, the label value appears in that row in the display.

If the labelfield argument creates a new field, the label appears in the new field in the summary event row.

Default:
Total

command addcoltotals: Add totals across columns of each row to show total in a new field.

addcoltotals: options
Optional Arguments

Syntax: ...

Description: A space-delimited list of valid field names. addcoltotals calculates the sum only for the fields in the list you specify.
You can use the asterisk () as a wildcard to specify fields with similar names.
Example: To specify all fields that start with "value", use value.

Default: Calculates the sum for all fields.

labelfield

Syntax: labelfield=

Description: Specify a field name to add to the result set.

Default: none

label

Syntax: label=

Description: Used with the labelfield argument to add a label in the summary event. If the labelfield argument is absent, the label argument has no effect.

Default: Total

Related Issues

Resolves #4607 [#4607 ]

Check List

• New functionality includes testing.
• New functionality has been documented.
• New functionality has javadoc added.
• New functionality has a user manual doc added.
• New PPL command checklist all confirmed.
• API changes companion pull request created.
• Commits are signed per the DCO using --signoff or -s.
• Public documentation issue/PR created.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[asifabashar]

@penghuo Please review

[asifabashar]

@penghuo please review

[asifabashar]

@LantaoJin Please review