I am attempting to use the map command and table the data. I am trying to map in values to run through the a predict function and table the results. I get 90% there except the fields that are predicted do not populate the op value.
<my search>
| table op
|map [search op=$op$ <more search stuff> ]
...
| timechart count as Vol, values(op) as op
| predict Vol
When doing this I get a table with multiple times, once for each op like the below:
| _time | Vol | op | high(prediction(Vol)) | low(prediction(Vol)) |
| 12:00 | 10 | test1 | 12 | 7 |
| 12:00 | 11 | test2 | 14 | 8 |
| 12:15 | 15 | test1 | 17 | 11 |
| 12:15 | 12 | test2 | 15 | 10 |
| 12:30(predicted time) | | | 16 | 10 |
| 12:30(predicted time) | | | 12 | 9 |
Any ideas why this is no populating?
