Hi All,
We need to generate every minute for the below query, to fix the source data for reporting purposes in another tool.
The thing is, we need to generate every minute, even if there's no data, and put 0 then.
stage=* sourcetype=nvp_test_log
| bin _time span=1m
| eval datDl = strftime (_time, "%Y-%m-%d %H:%M:%S")
| dedup _raw
| stats count As httpc by hpam_region, stage , host, dataowner_id, datDl
| fillnull
| TABLE httpc, datDl, dataowner_id, host, stage, hpam_region
The most important thing is to save the grouping hierarchy as above.
Thank You very much!
Cheers,
Damian

Hi All,
I need to adjust the below query to generate every minute in the output. If there's no event in the given minute, we need to put 0.
It's important to save the grouping hierarchy: hpam_region, stage , host, dataowner_id, datDl
stage=* sourcetype=nvp_access_logging
| bin _time span=1m
| eval datDl = strftime (_time, "%Y-%m-%d %H:%M:%S")
| dedup _raw
| stats count As httpc by hpam_region, stage , host, dataowner_id, datDl
| fillnull
| TABLE httpc, datDl, dataowner_id, host, stage, hpam_region
Thank You!
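
One way to get a row for every minute with 0 where no events arrived, while keeping the grouping above (an added example, not part of the original post). It assumes the character "|" never occurs in the grouped field values; `grp` and `parts` are hypothetical helper field names.

```spl
stage=* sourcetype=nvp_access_logging
| dedup _raw
``` combine the four grouping fields into one split-by key ```
| eval grp = hpam_region."|".stage."|".host."|".dataowner_id
``` timechart emits every 1-minute bucket in the search time range; empty buckets get count 0 ```
| timechart span=1m limit=0 usenull=f count AS httpc by grp
| fillnull value=0
``` turn the wide result (one column per grp) back into one row per minute and group ```
| untable _time grp httpc
``` restore the original grouping fields from the combined key ```
| eval parts = split(grp, "|")
| eval hpam_region = mvindex(parts, 0), stage = mvindex(parts, 1), host = mvindex(parts, 2), dataowner_id = mvindex(parts, 3)
| eval datDl = strftime(_time, "%Y-%m-%d %H:%M:%S")
| table httpc, datDl, dataowner_id, host, stage, hpam_region
```

Only group combinations that appear at least once in the search time range get zero-filled rows; a combination with no events at all in that range produces no rows.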