We are trying to create a dashboard where , we need to find the number of occurrences where one event had certain keyword and another event had certain event. We suspect that one event may have caused another event. How can we achieve this , below are some sample events:

As you can see "AuthenticationPage" log happened , we want to know if any of the other events with Unhandled exception or App crash happened before the first event.

{"bdy":{"msg":"AuthenticationPage loaded.","metricName":"PageLoad","metricValue":"AuthenticationPage","measuredTime":"00:00:00.2587706"},"hdr":{"level":"Information","timestamp":"2018-02-07T21:59:12.3973812Z","lineNum":0,"loc":"ABC","ABCId":"0170","ip":"xx.xx.xx.xx","hostName":"xx.xx","macaddress":"mac-d","eventid":0,"appVersion":"18","appName":"Logon","deviceModel":"","osVersion":"1944","firmwareVersion":"17222.0"},"ver":"0.1"}

{"bdy":{"msg":"**Unhandled Exception**","ex":{"Msg":"Unable to Claim . P.Scanner.GetDefaultAsync() returned null. This generally means you need to add DeviceCapability for Service in Package.appxmanifest file.","StackTrace":" at Abcde.Core.device.WinRT.Scanner.d__32.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at