I have the following query
index="search_index | timechart avg(time1) as time1_in_mins ,avg(time2) as time2_in_mins | sort time1 | tail 5 | sort time2 | tail 5
Basically, i want to show timechart values for 2 times and I want to sort both the times and show the top 5 values. By doing the above search, time2 is the one that gets sorted correctly. How can I fix the above query to sort both times.
↧