create dashboard where it can show the per day logs ingestion corresponding to it's relevant environment which shows the count of logs per day into it's related environment but i am facing issues while creating dashboard..please help ..thanks in advance.
Hi abhi4,
did you tried to run a simple search as
index=* | timechart span=1d count by index
?
Bye.
Giuseppe
What actual problem are you having? What have you done so far?
Thanks,
-Rich
Thanks for your reply, i tried with query..
index=*index_name host=hostname| eval application = replace(sourcetype, "_log", "") |
eval length = len (domain_name) |
eval env= ( if(len(domain_name)==11, substr(domain_name,4,4), if(len(domain_name)==12,substr(domain_name,5,4), "undefined"))) |
dedup application env , domain_name | timechart span=1d count(application) by env
It showing me the count of each day but not getting in environment wise..like test 1, test2 test3 ..!