Dear Experts,

Request you help to convert this below query into tstats query.

index=network_proxy category="Personal Network Storage and Backup" | eval Megabytes=(((bytes_out/1024)/1024))| stats sum(Megabytes) as Megabytes by user dest_nt_host |eval Megabytes=round(Megabytes,3)| sort -Megabytes| fields user dest_nt_host Megabytes|head 10

Converting into tstats

(| tstats count from datamodel=Web where (nodename = Web.Proxy) (Web.category="Personal Network Storage and Backup" ) (Web.user!="LDAP*") by Web.user ) help required to how to do this.

Thanks in advance.