Hi,
I'm trying to count the number of events where a value is over a certain amount as well as within a number of ranges.
Here is my search:
sourcetype=source | rex field=_raw "Java memory percentage: (?<java_mem_percent>.*), OS memory percentage: (?<os_mem_percent>.*)" | rex field=_raw "images was (?<launch_time>.*)" | stats count(eval(java_mem_percent>"90"))
Here is how the data is formatted:
Java memory percentage: 75, OS memory percentage: 64
Java memory percentage: 82, OS memory percentage: 75
Java memory percentage: 34, OS memory percentage: 32
Java memory percentage: 56, OS memory percentage: 79
Java memory percentage: 95, OS memory percentage: 67
Thanks!
... View more