I can search for events and run stats count by host.
And I can run a search of distinct number of hosts.
I want to combine both in one table. I want count of events by host and a count of hosts.
I actually want to create an alert based on the number of hosts returned.
↧