Channel: Questions in topic: "splunk-enterprise"

Compare two search results' differences over time

First timer here - hi all and thanks for this amazing resource. I am trying to timechart the counts for unique and shared values of 2 different lists.

My events:

```
"2016-08-08 10:46:09" PLAY_ID="112680324", PLAY_DATE="2015-12-01 09:00:03", ARTIST="Coldplay", TITLE="Hymn For The Weekend feat. Beyonce", STATION_ID="S1"
"2016-08-08 10:46:06" PLAY_ID="110914851", PLAY_DATE="2015-12-01 21:24:48", ARTIST="DJ Snake;Major Lazer", TITLE="Lean On", STATION_ID="S2"
```

I need to show the number of artists that are only played on each of the stations and the shared artists that both stations play, and how these counts evolve over time.

Inspired by this article: [https://know-how.io/?p=32][1] I have this search:

```
... PLAY_DATE="2015-12-01*" (STATION_ID="S1" OR STATION_ID="S2")
| makemv delim=";" ARTIST
| eval S1=if(STATION_ID=="S1", ARTIST, null())
| eval S2=if(STATION_ID=="S2", ARTIST, null())
| stats values(S1) as Station1, values(S2) as Station2
| mvexpand Station1
| mvexpand Station2
| where Station1==Station2
| rename Station1 as shared
| table shared
```

The ARTIST field can hold multiple artists separated by `;`.

The query works, but only gives me the actual shared artists within a specified time period.

1. I'd like to include the unique artist counts for each station as well.
2. I am specifying the time period (`PLAY_DATE="2015-12-01*"`) where I'd like to bin span time periods in order to do per week, month, year etc.
3. The search is painstakingly slow. The example search takes about 10 secs.

Ideally I'd like to end up with a graph like this: ![alt text][2]

Any help would be much welcome. Thanks.

[1]: https://know-how.io/?p=32
[2]: /storage/temp/156252-chart.png
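One way to get all three counts (only S1, only S2, shared) per time bucket in a single pass, as an added example that is not from the original post: it assumes the field names shown in the sample events (STATION_ID, ARTIST, PLAY_DATE), bins on PLAY_DATE rather than on the event's own timestamp, and uses a weekly span that can be changed in both `bin` and `timechart`.

```spl
... PLAY_DATE="2015-12*" (STATION_ID="S1" OR STATION_ID="S2")
| eval _time=strptime(PLAY_DATE, "%Y-%m-%d %H:%M:%S")
| makemv delim=";" ARTIST
| mvexpand ARTIST
| bin _time span=1w
| stats values(STATION_ID) as stations by _time, ARTIST
| eval category=case(mvcount(stations)==2, "shared",
                     stations=="S1", "only_S1",
                     stations=="S2", "only_S2")
| timechart span=1w count by category
```

The `stats ... by _time, ARTIST` step reduces the data to one row per artist per bucket, so the set comparison is done by the indexers instead of by the `mvexpand`/`where` cross product, which is why the posted search is slow.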
