Hello everyone , I have the below query which is fetching data for a particular index but i also want few fields from a look up file say ABC.csv and columns are 'Salary' and 'Date' from that . I am...
See more...
Hello everyone , I have the below query which is fetching data for a particular index but i also want few fields from a look up file say ABC.csv and columns are 'Salary' and 'Date' from that . I am trying to fetch it but the data is coming as blank . Please help : index=*infra* metric_label ="Host : Reporting no data" | bin span=6m@m metric_value as 6_min_data | stats count(eval(metric_value=0)) as uptime count(eval(metric_value=1)) as downtime by 6_min_data, source_host | eval total_uptime = uptime*360 | eval total_dowtime = downtime*360 | eval total_uptime = if(isnull(total_uptime),0,total_uptime) | eval total_downtime = if(isnull(total_dowtime),0, total_dowtime) | eval avg_uptime_perc = round((total_uptime/(total_uptime+total_downtime))*100 ,2) | eval avg_downtim_perc = round((total_downtime/(total_uptime+total_downtime))*100,2) | eval total_uptime = tostring(total_uptime, "duration") | eval total_downtime = tostring(total_downtime, "duration") | rename "total_uptime" as "Total Uptime", "total_downtime" as "Total Downtime", avg_uptime_perc as "Average uptime in %", avg_downtim_perc as "Average Downtime in %" source_host as "Source Host" | table "Source Host" "Total Uptime" "Total Downtime" "Average uptime in %" "Average Downtime in %"