Hi,
I want to present the following table:
| class: | 5-12 min | 12-24 min | 24+ min |
| classA | 12 | 20 | 40 |
| classB | 42 | 56 | 54 |
| classC | 15 | 57 | 14 |
i.e For each class, I want to count all the records (id) that fall into each bucket.
This is what I have now:
index="x" queuename=vncisr runtime>300 | fields class id runtime | eval runtime = case(runtime < 720, "5-12 min", runtime < 1440 , "12-24 min", 1==1, "24+ min") | chart count by runtime
And I only get the total count for each bucket without considering the classes.
I hope it was clear.
