Hi Team, I want to calculate peak hourly volume of each month for each service. Each service can have different peak times and first need to calculate peak hour of each component for the month. Likewise calculate for last 3 months. Then calculate the average of 3 months peak hourly volume. Below table is the sample requirement.   January-24 February-24 March-24 Avg Volume service1 20 50 20 30 service2 4 3 8 5 service3 20 30 40 30 service4 30000 30000 9000 23000 service5 200 300 400 300 ... View more

Hi All, I have two events as below. In both the events, data format is different. We can observe extra "/" from few events. How to capture the logEntryType from both of them by using rex command ? ,\"logEntryType\":\"SUMMARY\", ,"logEntryType":"Detail", Field Name should be "logEntryType" and values should be "SUMMARY" and "Detail". ... View more

I am preparing a volume report for my project. My requirement is to capture the peak hour (hour which has highest calls ) with date and time and pass the same date and time in sub search to get statistical data. My search should be like below (query to get the peak hour) | (sub search with stats command with duration of peak hour) I want to print peak hour and with statistical out put in a single query. Any suggestions, how to get this thing ? ... View more

I have field values as below , field1=value1 filed2=server1 field1=service/value2/a1 field2=server2 field1=value3 field2=server3 field1=service/value4/a2 filed2=server4 field1=value5 field2=server5 field1=service/value6/a2 filed2=server4 field1=value7 field2=server6 field1=service/value8/a2 filed2=server2 I am getting few extra strings on field1 from server2 and server4. Now i want to check, if log is from server2 or server4, then truncating pre and post random values and save only actual value My final output field should be like below field1=value1; value2; value3; value4; value5; value6.. etc ... View more