I have the following API's, for which I need to count the occurrence of each in every 10 seconds for 1 hour time interval.
/api/login/v1/session
/api/data/v1/graphql
/api/order/v1/orders
/api/order/v1/states
/api/order/orderimporter/v1/importcsv
/api/order/orderimporter/v1/promote
/api/order/orderimporter/v1/stagingOrder
/api/order/v3/graphql
/api/order/desk/v2/quickSend
/api/order/v1/desk/Batch/sync
/api/order/v1/Orders/sync
I tried with
host=*localhost* Path=*** sourcetype=nginx
| where Path in ("/api/platform/v1/session" OR "/api/coredata/v1/graphql" OR "/api/trading/v1/orders")
| table Path
But getting `Error in 'where' command: Typechecking failed. 'OR' only takes boolean arguments`
Basically I want the count of all the listed api in every 10 seconds for 1-hour interval.
↧