Hi everyone,
Trying to find out the top 10 values from different host long_message index functionality..
So tried like index=* "error" OR "FAIL" OR "fatal"| stats values (functionality) values(correlatioid) values(loan_num) values(host) count by log_message | sort -count
So it is showing top errors with functionality host loan_num details for each and every error.
My requirement is i want achieve top errors count from particular host or fuctionality..
It is showing like
Functionality:
Abc
Xyz
123
Let's say If the Abc functionality has more errors.. in the table it should give the count of Abc along with percentage among all the obtained errors..
Like this..
Functionality:
Abc- 109 98% amoung
Xyz - 1 1%
123 1 1%
Any suggestions?
Similarly i want see the top errors causing from different sources..
↧