Reporting

Your opinion on creating a common field name across all saved searches to be able to split results by 'saved search name'

ramgnisiv
Path Finder

Hi guys,

I'm building an app that collects metrics from various sources.
In the dashboard, all metrics will be shown with Trellis layout, categorised by source.

My current set-up of saved searches (about 100 saved searches across 8 sources with 1 summary index) does not yet follow a naming convention for the search result fields.
A lot of saved searches do not even have a defined result field.

I'm thinking of creating a common field across ALL of my saved searches (potentially this will grow from 100 to 1.000) where I would call this common field something like 'metric' or in other cases 'score'.

My theory behind this is that when I want to search across the output of my saved searches in my summary index, I could search with something like this:

index=summary_index_name search_name=* | stats avg(metric) by search_name

In theory, this would make searching and splitting of data across all saved searches very easy.

Each summary index populating saved search would look a little something like this:

index=name_of_index | sistats avg(field_name) as metric by field_name_2

My questions:

  • What is your opinion about this set-up using a common field name?
  • What can go wrong when I use this type of set-up using a common field name?
  • What else could I do to make life easy when I have a lot of saved searches and I want easy maintenance and flexibility in dashboarding?
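
As an added example (not from the original post), here is what two of those summary-index-populating saved searches could look like in savedsearches.conf when they share the common field 'metric'. Index, source and field names are assumptions; the extra action.summary_index.<field> pairs are there because 'metric' on its own does not say what was measured or in which unit, which is the main thing that goes wrong once results from different sources land in one summary index.

```ini
# Added example, not code from the original thread.
# Two scheduled searches from different sources that both write "metric"
# into the same summary index. The metric_source / metric_unit pairs are
# stamped on every summarised event so the dashboard can split by source
# (Trellis) and so an average of bytes is never mixed with an average of ms.
# All index, field and stanza names below are assumptions.

[metrics_firewall_avg_bytes]
search = index=fw_logs | sistats avg(bytes) as metric by dest_port
cron_schedule = */15 * * * *
enableSched = 1
dispatch.earliest_time = -15m@m
dispatch.latest_time = @m
action.summary_index = 1
action.summary_index._name = summary_index_name
action.summary_index.metric_source = firewall
action.summary_index.metric_unit = bytes

[metrics_web_avg_latency]
search = index=web_access | sistats avg(response_ms) as metric by uri_path
cron_schedule = */15 * * * *
enableSched = 1
dispatch.earliest_time = -15m@m
dispatch.latest_time = @m
action.summary_index = 1
action.summary_index._name = summary_index_name
action.summary_index.metric_source = web
action.summary_index.metric_unit = ms
```

Splunk adds search_name to each summary-indexed event on its own, so the dashboard search becomes `index=summary_index_name | stats avg(metric) by metric_source, search_name`, with metric_unit available to label each Trellis panel.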

wmyersas
Builder

Sounds like you're describing something like CIM (Common Information Model) compliance:

ramgnisiv
Path Finder

Thanks, i think I am describing something like the CIM indeed.

If there was no CIM, would the approach described make sense to you?

0 Karma

wmyersas
Builder

If there was no CIM, yes ... you'd basically be reinventing the CIM 🙂

0 Karma