Is it possible to modify "chart" command results

Hello,

Our index has the following data: method name (amf_name), execution time (call_dur), application_version (app_version). I am trying to build a statistics table of average values for every method for every app_version (top 10, sorted desc). I also want the columns to be in a specific order - method name, then specific version averages, then any other averages.

The current query that is working is

    host=prod09 | chart avg(call_dur) by amf_name app_version | table amf_name, "01.20.00.00", * | sort 10 - "01.20.00.00"

The result looks like:

    amf_name  01.20.00.00  01.30.00.00  01.40.00.00  ...
    execute   10.25        11.4         10.74        ...
    ...

What I want to see in this table is method name, average for a specified app version, and then for every app version - a delta between this average value and average for that version. So the result looks like

    amf_name  01.20.00.00  01.30.00.00  01.40.00.00  ...
    execute   10.25        1.15         0.49         ...
    ...

I have tried using foreach, but it does not go through "01...." columns. It seems to be aware only about amf_name results column. Which seems strange, as when I address any column by the exact name like "01.20.00.00" I am able to change the data using eval.

The question here is how to address a column without knowing its name and build statistics for all available application versions.

Thank you in advance.
