My search is something like:
index=foo "get /foo/bar" | eval a=relative_time(_time, "+1s") | eval b=relative_time(_time, "+10m") | table a, b, ip, field1, field2
How would I search these results for events between times a and b where field1 and field2 match?