Channel: Questions in topic: "splunk-enterprise"

Maps+ Cluster sum(field)

I have a dataset that includes the number of people getting on\off a bus and at what lat\lon that occurred. I've got Maps+ showing how many events took place in a cluster, but I would like to display the sum of three different fields for that cluster.

    index=bus_apc IN3F>0 OR IN2M>0 OR IN1R>0 | eval latitude=LAT, longitude=LON | table latitude, longitude

Context: there are 6 fields that represent people getting on the bus. 3 start with IN, 3 start with OUT. This is why I am filtering to grab only events greater than 0 from IN3F, IN2M, and IN1R.

I have the sum of each field with a total. I would like the overall total of a cluster to be displayed on the map.

    index=bus_apc | stats sum(IN3F) as "Boardings Front", sum(IN2M) as "Boardings Middle", sum(IN1R) as "Boardings Rear" | addtotals

Can anyone help?
