Hi All,
I have a table like below (raw table), which shows count of request per 4 hours from two services over a period of two days. I need to find the count values of ServiceA and ServiceB on each day, when the combined request is at peak per day. That will be the values below.
Peak values:-
1/01/2014 4:00 56 89 145
2/01/2014 8:00 56 78 134
Raw Table:-
_time ServiceA ServiceB Total
1/01/2014 0:00 45 56 101
1/01/2014 4:00 56 89 145
1/01/2014 8:00 78 54 132
1/01/2014 12:00 41 11 52
1/01/2014 16:00 23 23 46
1/01/2014 20:00 56 58 114
2/01/2014 0:00 38 56 94
2/01/2014 4:00 54 41 95
2/01/2014 8:00 56 78 134
2/01/2014 12:00 11 23 34
2/01/2014 16:00 23 45 68
2/01/2014 20:00 58 56 114
3/01/2014 0:00 80 49 129
Any ideas how to do it ???
Regards
KK
Try this
yoursearchhere
| eval the_date=strftime(_time,"%x")
| eventstats max(total) as MaxTotal by the_date
| where Total=MaxTotal
HTH
Try this
yoursearchhere
| eval the_date=strftime(_time,"%x")
| eventstats max(total) as MaxTotal by the_date
| where Total=MaxTotal
HTH
Thank You !!! Appreciate that.
thanks from year 2020 🙂