Hi all,
I am attempting to count the number of Installs of certain code levels for field machines. Essentially I am extracting this information from some logs, and then I am listing all the code levels by machine serial, this gives me the code level history of a machine. Where I am struggling is being able to list current installs of the code levels, so this would include counts of 0 since not all code levels are currently being used, however I feel that my current approach isn't appropriate , I've included some samples below.
First part of Search-
Search.......| stats values(code_level) as code_level list(time_on_machine) as time_on_machine by Machine_Serial
| stats dc(Machine_Serial) as installs sum(time_on_machine) by code_level
Results-
Machine_Serial code_level time_on_machine
75abc 1.1 365
1.3 20
1.4 50
75dfe 1.1 10
1.3 15
1.5 7
75xyz 1.3 25
1.4 50
As mentioned above from this search I can see a historical view of the code history for machines as well as the time it spent on a machine. Essentially only the latest code level ( the one at the bottom of each group I.E the largest one ) would count as an install so for the first group ( serial 75abc ) code level 1.1 would be a current install, but 1.3 and 1.4 would not count towards installs on their respective level, however I do take their time_on_machine field and add that to the rest, so it would look something like this-
Desired Results-
code_level current_installs time_on_machine_sum
1.1 0 375
1.3 0 60
1.4 2 100
1.5 1 7
Is there any way I can achieve the current_installs portion of this search? Thank you in advance, and please let me know if something was not clear.
↧