How to find average values over time

If you want to find the average of an existing numeric value in your data, you can simply use timechart and avg.

timechart 5m, avg(value), group_by(container)

Finding the average of a computed value like the count of records is more complicated, because timechart cannot nest aggregate functions. To solve this problem, we need two timechart statements:

timechart 5m, count:count(), group_by(container)
make_event
timechart 5m, avg:avg(count), group_by(container)

The make_event aids performance by aggregating data to interval start times.