Hey guys,
Question for you. I have a query where I am searching for multiple field names inside of the query - `sourcetype=testing PhpFatal="PHP Fatal error" OR DrupalPHPFatal="Error: PHP FATAL Error" OR AccessDenied="Access Denied" OR PageNotFound="page not found"` is it possible to use stats count in order to count up each of the fields?
Something like `sourcetype=testing PhpFatal="PHP Fatal error" OR DrupalPHPFatal="Error: PHP FATAL Error" OR AccessDenied="Access Denied" OR PageNotFound="page not found" | stats count by PhpFatal, DrupalPHPFatal, AccessDenied, PageNotFound`
Is this possible?
↧