Hello guys,
Could you let me know the difference in terms of buckets between :
`| dbinspect *search* and *search* | eval bkt=_bkt | table bkt` ?
It looks like `dbinspect` returns more results and with a wider span. My aim is to remove buckets according to a specific search and timeframe.
Thanks.
↧