Solved: How to write custom Text for a Search result?

tobi2k · ‎07-21-2019

For my Dashboard I ping a Source and want to see to Text-States: UP or DOWN.

My search statement looks similar like this:

index="main" source="ping" dest="mydomain.com" | stats latest(packet_loss>=0)

A Result >=0 should output DOWN
A Result 0 should output UP

Any Ideas how to archive this?

Thank you!

vnravikumar · ‎07-21-2019

Hi

Try this

[updated]:

index="main" source="ping" dest="mydomain.com"|stats latest(packet_loss) as result |eval result = if(result>0,"DOWN","UP")

tobi2k · ‎07-21-2019

Thank you! Looks like its very close.

Unfortunately the result is "DOWN" although the result is 0.

vnravikumar · ‎07-21-2019

Hi

I had updated the query above, try it. If it works please accept the answer.

tobi2k · ‎07-21-2019

Awesome! Thank you! Works like a charm!

vnravikumar · ‎07-21-2019

Hi

Try this

[updated]:

index="main" source="ping" dest="mydomain.com"|stats latest(packet_loss) as result |eval result = if(result>0,"DOWN","UP")

How to write custom Text for a Search result?