Hi, I am trying to build a dashboard with some status indicators and uptime gauges. Below are the few sample logs. 2021-02-21 13:48:42,744 (DEBUG) Thread_^[OP].* BATCH ID(31673) response (Internal ...
See more...
Hi, I am trying to build a dashboard with some status indicators and uptime gauges. Below are the few sample logs. 2021-02-21 13:48:42,744 (DEBUG) Thread_^[OP].* BATCH ID(31673) response (Internal Server Error, 500) 2021-02-21 13:48:42,741 (DEBUG) Thread_^[KL].* BATCH ID(62422) response (Internal Server Error, 500) 2021-02-21 13:48:31,620 (DEBUG) Thread_^[UV].* BATCH ID(40284) response (OK, 200) 2021-02-21 13:47:41,991 (DEBUG) Thread_^[OP].* BATCH ID(31672) response (OK, 200) Created a status indicator for last 10 minutes as in the below query. index="abc" | eval Indicator=if(Response=="(OK, 200)", "UP", "DOWN") | stats count(eval(if(Indicator="UP", 1, null()))) as UP_count count(eval(if(Indicator="DOWN", 1, null()))) as DOWN_count count(Indicator) as "TotalCount" | eval SI = case(UP_count>0,"UP", UP_count==0,"DOWN") | table SI Result will be either UP or DOWN. Now I am trying to create a uptime gauge which will display the time from which the value of SI is UP. For example, if the value of SI was DOWN for sometime and the connection restored and SI = UP from last 2 days, the uptime will be like 2 days, 30 minutes, 40 seconds Can anyone please help me with this.