index=foo
| eval Compliant=case(like(AppVersion,"14.12%"), "OK", like(AppVersion,"14.11%"),"OK" , like(AppVersion,"14.10%"),"OK" , like(AppVersion,"14.9%"),"OK" , like(AppVersion,"14.8%"),"OK"...)
| table User, Platform, AppVersion, Compliant
Right now table looks like this. I have only checked if an AppVersion is on the Compliant list.
12345| Windows | 14.8 | Ok
56789| Mac | 12.8 |
03468| iOS | 18.0 |
97621| Android | 18.8 |
However, I need to check certain AppVersions against the Platform.
I imagine it would need multiple if statements and multiple cases but not sure how to do this.
One of my failures looked something like:
index=foo
| eval Compliant=if(Platform=Windows, case(like(AppVersion,"14.12%"), "OK", like(AppVersion,"14.11%"),"OK" , like(AppVersion,"14.10%"),"OK" , like(AppVersion,"14.9%"),"OK" , like(AppVersion,"14.8%"),"OK"...),"NO")
| table foo
The goal would be to show something like this.
User | Platform | AppVersion | Compliant
12345| Windows | 14.8 | Ok
56789| Mac | 12.8 | Ok
03468| iOS | 18.0 | Ok
97621| Android | 18.8 | Ok
97423| Windows | 13.8 | No
32638| Mac | 11.0 | No
08346| iOS | 17.0 | No
43835| Android | 18.2 | No
Thank you in advance, if you can help.
↧