Hi Team,
we have a query to get response times from our logs and then do a range to group the Response Time
index=* host=hostname sourcetype=perf* "*string pattern*" | rex "GET.*\s(?\d+)" | rangemap field=resptime Lessthan1Sec=0-1000 One_to_ThreeSec=1001-3000 higher_than_three=3001-10000 default="greater_Than_10k" | timechart count by range
Now, this works fine for one host but unfortunately we want this data for multiple hosts and I am not able to list the time ranges for multiple hosts. Can anyone please help me here.
↧