Hi,

I want to compare same uri_stems for different time frame . This is the query I am using but getting error as "Unknown Search command 'index'".

Query:

index="iis" host=server* earliest=$Series1.earliest$ latest=$Series1.latest$ | rex field=cs_uri_stem "[^.](?P<Extension>.)" | where (Extension="" OR Extension=".aspx" OR Extension=".axd" OR Extension=".asmx") | eval cs_uri_stem=lower(cs_uri_stem) | eval cs_host=Addition+cs_host | lookup PageMapping URL as cs_uri_stem, Method as cs_method,Application as cs_host output PageGroup as PageGroup,Critical as Critical TestedLoad as TestedLoad | where Critical=1 | stats avg(time_taken) as Pre_AverageResponseTime,perc90(time_taken) as Pre_90ResponseTime,perc75(time_taken) as Pre_75ResponseTime,count as Pre_TotalHits,max(TestedLoad) as Pre_TestedinLab by PageGroup,cs_host | eval Load%ToTestedInLabA=tostring(round(TotalHits*100/TestedinLab,2))+"%" | fields PageGroup,cs_host,Pre_AverageResponseTime,Pre_90ResponseTime,Pre_75ResponseTime,Pre_TotalHits | sort -cs_host | join type=outer cs_uri_stem [index="iis" host=server* earliest=$Series2.earliest$ latest=$Series2.latest$ | rex field=cs_uri_stem "[^.](?P<Extension>.)" | where (Extension="" OR Extension=".aspx" OR Extension=".axd" OR Extension=".asmx") | eval cs_uri_stem=lower(cs_uri_stem) | eval cs_host=Addition+cs_host | lookup PageMapping URL as cs_uri_stem, Method as cs_method,Application as cs_host output PageGroup as PageGroup,Critical as Critical TestedLoad as TestedLoad | where Critical=1 | stats avg(time_taken) as Pre_AverageResponseTime,perc90(time_taken) as Pre_90ResponseTime,perc75(time_taken) as Pre_75ResponseTime,count as Pre_TotalHits,max(TestedLoad) as Pre_TestedinLab by PageGroup,cs_host | eval Load%ToTestedInLabA=tostring(round(TotalHits*100/TestedinLab,2))+"%" | fields PageGroup,cs_host,Pre_AverageResponseTime,Pre_90ResponseTime,Pre_75ResponseTime,Pre_TotalHits | sort -cs_host]