Hello 🙂 My output is: signature, count BitTorrent DHT ping request, 896 Bittorrent P2P Client User-Agent (uTorrent), 350 BitTorrent DHT announce_peers request, 296 BitTorrent announce request, 201 BitTorrent DHT nodes reply, 121 Observed DNS Query to .biz TLD, 53586 Observed DNS Query to .cloud TLD, 24277 DYNAMIC_DNS Query to, 5896 DynDNS CheckIp External IP Address Server Response, 2894 OpenDNS DNSCrypt, 577 I to united similia events and output should be this: signature, count Torrent, 1864 DNS, 87230 Can someone help me with the search pattern that will solve my issue? One of the main criteria it's should be easy to scale and without the creation of a new field. The transformation should be before I will use command stats.
... View more