Channel: Questions in topic: "splunk-enterprise"

perform an operation within a "group" of events

I have data events which share the properties of index, location, drink_type, drink_available

example data:
1) index=common, location="A", drink_type=lemonade, drink_available=yes
2) index=common, location="A", drink_type=cola, drink_available=no
3) index=common, location="B", drink_type=lemonade, drink_available=no
4) index=common, location="B", drink_type=cola, drink_available=yes
5) index=common, location="C", drink_type=lemonade, drink_available=no
6) index=common, location="C", drink_type=cola, drink_available=no

I'd like to generate a pie chart with whether or not each location has at least 1 drink available.

For this example
location A has at least 1 drink
location B has at least 1 drink
location C doesn't have drinks available

Pie-chart for "at least 1 drink for each location" would be 2 for "yes" and 1 for "no".

I know how to create pie-charts, but I don't know how to perform this search, it seems as if I need to "group" events with the same location and perform a "sub-search" to see if there is at least 1 type of drink available.

The logic I'm trying to get across:
if( (drink_type=lemonade AND drink_available=yes) OR (drink_type=cola AND drink_available=yes), atleast1drink=true,atleast1drink=false)

I'm new to this and any help would be appreciated. Thanks.
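One way to express the grouping described above, as an added example that is not part of the original post: the first `stats` collapses the events to one row per location with a 0/1 flag, and the second counts locations by that flag, so no subsearch is needed. The field name `has_drink` is a hypothetical intermediate; `atleast1drink` follows the name used in the question.

```spl
index=common
| stats max(eval(if(drink_available="yes", 1, 0))) AS has_drink BY location
| eval atleast1drink=if(has_drink=1, "yes", "no")
| stats count BY atleast1drink
```

On the six sample events this yields yes=2 and no=1, which is the pair of values the pie chart needs. Because the flag does not test `drink_type`, the search keeps working if more drink types are added later.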
