Glad you saw sense and ditched chatGPT! Try something like this index=sample_index sourcetype=kube:container:sample_container
| fields U, S, D
| where isnotnull(U) and isnotnull(S) and isnotnull(D)...
See more...
Glad you saw sense and ditched chatGPT! Try something like this index=sample_index sourcetype=kube:container:sample_container
| fields U, S, D
| where isnotnull(U) and isnotnull(S) and isnotnull(D)
| rex field=U "(?P<ApiName>[^/]+)(?=\/[0-9a-fA-F\-]+$|$)"
| eventstats min(D) as Min, max(D) as Max, avg(D) as Avg, perc95(D) as P95, perc98(D) as P98, perc99(D) as P99 by ApiName
| stats count as TotalReq, by ApiName, Min, Max, Avg, P95, P98, P99, S
| eval {S}=TotalReq
| stats values(1*) as 1* values(2*) as 2* values(3*) as 3* values(4*) as 4* values(5*) as 5* sum(TotalReq) as TotalReq by ApiName, Min, Max, Avg, P95, P98, P99
| addtotals labelfield=ApiName col=t label="ColumnTotals" 1* 2* 3* 4* 5* TotalReq
| addinfo
| eval Availability% = round(100 - ('500'*100/TotalReq),8)
| fillnull value=100 Availability%
| eval range = info_max_time - info_min_time
| eval AvgTPS=round(TotalReq/range,5) | eval Avg=floor(Avg) | eval P95=floor(P95) | eval P98=floor(P98) | eval P99=floor(P99)
| sort TotalReq
| table ApiName, 1*, 2*, 3*, 4*, 5*, Min, Max, Avg, P95, P98, P99, AvgTPS, Availability%, TotalReq