I am trying to group by text within a specific field. I'm essentially searching a message content field called event. Within this event field, I am searching for specific errorCodes, but I also want to group by the error codes in the result. I'm not able to do an extraction because the message content is in xml format and I can't seem to extract the specific tag. Is there any way to handle this group by ask?
I want to group the results by unique values within my XML tag. If you couldn't tell...I'm new to this so I'm very appreciative of any guidance you can offer!
↧