Dear Experts,
Request you help to convert this below query into tstats query.
index=network_proxy category="Personal Network Storage and Backup" | eval Megabytes=(((bytes_out/1024)/1024))| stats sum(Megabytes) as Megabytes by user dest_nt_host |eval Megabytes=round(Megabytes,3)| sort -Megabytes| fields user dest_nt_host Megabytes|head 10
Converting into tstats
(| tstats count from datamodel=Web where (nodename = Web.Proxy) (Web.category="Personal Network Storage and Backup" ) (Web.user!="LDAP*") by Web.user ) help required to how to do this.
Thanks in advance.
