I have a order data, I need to trend the order for last 15 days, plotting three values high, low and current in a same graph
index=abc
sourcetype=logg
Ordertype= retail or online
and I need to trend with high low and today's value in last 15 days.
| makeresults
| eval _raw="AM,Version=08_07,NumberOfRequests=7511,LastRequestTime=3/19/2020 11:19:34 AM,InactiveTimeSpan=0.0 minutes
AM,Version=08_07,NumberOfRequests=1,LastRequestTime=3/19/2020 11:19:34 AM,InactiveTimeSpan=0.0 minutes
AM,Version=08_07,NumberOfRequests=7,LastRequestTime=3/19/2020 11:18:45 AM,InactiveTimeSpan=0.8 minutes"
| rex max_match=0 "NumberOfRequests=(?<numberofrequests>\d+)"
| rex "LastRequestTime=(?<date>\S+)"
| stats sum(numberofrequests) as total min(numberofrequests) as low max(numberofrequests) as high by date
and I need to trend with high low and today's value in last 15 days.
There is no log, so you can do it.
AM,Version=08_07,NumberOfRequests=7511,LastRequestTime=3/19/2020 11:19:34 AM,InactiveTimeSpan=0.0 minutes
AM,Version=08_07,NumberOfRequests=1,LastRequestTime=3/19/2020 11:19:34 AM,InactiveTimeSpan=0.0 minutes
AM,Version=08_07,NumberOfRequests=7,LastRequestTime=3/19/2020 11:18:45 AM,InactiveTimeSpan=0.8 minutes
this is for single event, i need to show the current value , which is the sum(numberofrequests) for the latest minute