• Currently, my line chart is showing predict vales for the given subnets i.e when the subnets will run out of Free address (Time in month and year)
• And my input for example as 'default/17.0.1.0/24'.
• The chart shows time in X-Axis and "Free addresses" in Y-Axis.

My current requirement is instead of input network ('default/17.0.1.0/24'), we need to take a new input filter 'Top N'

• So, we need to predict when the Top N subnets will run out of Free addresses.
• The top N lines will show lines for Top N subnets whose free address will exhaust first. Each line will represent the subnet.
• I tried the foreach command, but not able to apply the predict. Looks like foreach command is basically doing some operations on certain field sets, mainly evals, not sure where can we apply that with the current requirement. Any suggestions please.

my search string is something like below:

| eval Free=address_total-dhcp_hosts
| stats max(Free) as Free by _time  view_network
| timechart  max(Free) as "Free Addresses"
| forecast "Free Addresses" future_timespan=150 as Prediction

Appreciate if any suggestions/ideas on how to achieve this.