@Karthikeya Based on your logs you can fetch data like 1. For time chart - This shows how violations are trending over time, with separate lines for successes and failures. | eval violation_ty...
See more...
@Karthikeya Based on your logs you can fetch data like 1. For time chart - This shows how violations are trending over time, with separate lines for successes and failures. | eval violation_type=if(like(violations, "%failed%"), "Failure", "Success") | timechart span=1h count by violation_type 2. Bar chart - This shows the top 10 attack types by frequency. | stats count by attack_type | sort - count | head 10 3. Pie or bar chart - This helps you visualize how often each HTTP response code (e.g., 200, 404, 500) is returned. | stats count by response_code 4. Bar chart - This shows the most frequently accessed URIs, which could help you understand which endpoints are under attack. | stats count by uri | sort - count | head 10 Hope this works