I need to filter the VMS by APP What I have is this Now i want to add more apps and based on selection in Application drop  down i want to filter the Environment drop down or (want to show selection only associated to Application drop down)   The full requirement is on selection of specific Application, the Vms shown on the Environment should only associated to selected      ... View more

I need to filter the event which does not contain word "error". For example, I have events containing- "POST /operation/requiredword"  "POST /operation/requiredword | error". I want to count only the "POST /operation/requiredword" and exclude the "POST /operation/requiredword | error". Here is the query I am using right now and it is giving me both the events with and without containing "error": index="depat-test-app" | rex "DN: (?<ConsumingApp>.*?)[}\s]" | rex field=_raw "(?<Passed>(POST \/opertion\/requiredword)) | stats count(passed) by ConsumingApp   What I want is something like this: index="depat-test-app" | rex "DN: (?<ConsumingApp>.*?)[}\s]" | rex field=_raw "(?<Passed>(POST \/operation\/requiredword NOT error )) | stats count(passed) by ConsumingApp ... View more