Solved: How to sort events in ascending order by date with...

abovebeyond · ‎06-15-2015

Hello,

I'm trying to order specific events from our application log for visualization.

search string :

index="applicationlogsindex" Credit card was declined | stats count as NumEvents by date_mday

i have 2 problems :

1) for some reason the dates are ordered by the first number.
how can i sort it by the the correct date in ascending order?

2) the date shown up is just a single number. For example today is the 15th, i need a date like DD\MM

Thanks

fdi01 · ‎06-15-2015

1) to ascending order, use sort command like this:

index="applicationlogsindex" Credit card was declined | stats count as NumEvents by date_mday|sort  date_mday

2) to shown up the date, use _time field like this:

index="applicationlogsindex" Credit card was declined | stats count as NumEvents by _time

or

index="applicationlogsindex" Credit card was declined|sort _time|eval  date_mday=_time| stats count as NumEvents by date_mday

fdi01 · ‎06-15-2015

1) to ascending order, use sort command like this:

index="applicationlogsindex" Credit card was declined | stats count as NumEvents by date_mday|sort  date_mday

2) to shown up the date, use _time field like this:

index="applicationlogsindex" Credit card was declined | stats count as NumEvents by _time

or

index="applicationlogsindex" Credit card was declined|sort _time|eval  date_mday=_time| stats count as NumEvents by date_mday

abovebeyond · ‎06-15-2015

Thanks !

How to sort events in ascending order by date with the correct date format?