So I am trying to get the cumulative sum of all the time taken by each host, so far I could cumulate for a single host, how can i loop through all the hosts and show it in a table
index=main host="XYZ"
| stats earliest(_time) as First latest(_time) as Last by source
| eval difference=Last-First
| stats sum(difference) as total_difference
| eval todifference=tostring(total_difference, "duration")
| table todifference
host1, time-taken
host2, time-taken
And then perhaps plot the time in a timechart with x-axis with host-names and Y-axis with time taken
↧