Hi All,
We are receiving web traffic to one index from multiple markets, as in the query below. Now we have been asked to set up an alert if there is a decrease of 50% in volume in any market over a time period like an hour or 30 mins. Can someone help me with how to achieve this?
Charting the traffic market-wise:
index=webtraffic sourcetype=mobile_traffic marketName=* eventType="ProductAdded" |timechart count by marketName useother=f usenull=f
Thanks!
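One way to express the check asked about above, as an added example that is not part of the original post. It assumes the comparison is between the last complete hour and the hour before it, and that "decrease of 50%" means the count fell to half or less; `prev_count` and `pct_drop` are field names made up for this example.

```spl
index=webtraffic sourcetype=mobile_traffic marketName=* eventType="ProductAdded" earliest=-2h@h latest=@h
| timechart span=1h count by marketName useother=f usenull=f limit=0
| untable _time marketName count
| streamstats current=f window=1 last(count) as prev_count by marketName
| where isnotnull(prev_count) AND prev_count > 0 AND count <= prev_count * 0.5
| eval pct_drop = round((prev_count - count) / prev_count * 100, 1)
| table _time marketName prev_count count pct_drop
```

Going through `timechart` and `untable` zero-fills the empty hour, so a market that stops sending events entirely still produces a row with `count=0` instead of silently dropping out. Saved as an alert scheduled hourly with the trigger condition "number of results is greater than 0", it fires once per run and lists every market that dropped; for a 30-minute comparison, use `earliest=-60m@m latest=@m` with `span=30m`.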