Page Comparison

...

Expand

title	Example 1

Use the following query in a table widget to create a dynamic table that allows you to specify the source data table, the grouping period, and the grouping key.

Code Block
query( from $Select0.value group every $Select1.value by $*Select2.value select count() as count)

The table is linked to three different Select-type inputs populated with the values shown below.

Select0	Select1	Select2
`["demosiem.logtrust.ecommerceweb.dataactivity", "siem.logtrust.web.all.accessnavigation"]`	`["2m", "5m", "10m", "1s"“1m”, “2m”, “5m”, “10m”]`	`["statusCode", "method"“type”, “city”]`

The following capture shows the table after selecting demosiem.logtrust.ecommerceweb.dataactivity as source table, 1s 5m as grouping time and statusCodetype as key column for the grouping.

Image Removed

Image Added

Expand

title	Example 2

Use the following query to feed a column widget to display the count of status codes methods with response times greater than a specified value and grouped by a period selected from a list of values.

Code Block
query( from demo.ecommerce.datasiem.logtrust.web.activity where responseTime > $Input0.value group every $Select0.value by statusCode where statusCode > $Input0.value method select count() as count)

The inputs are populated with the values shown below.

Select0	Input0
`["5m", "10m", "15m"]`	`400500`

The following capture shows the column widget after selecting 5m 15m in the select input as grouping period and entering 400 500 in the free-text input as filtering value, so that only status codes methods with response times greater than 400 500 are shown in each five-minute period. You must select the count field count field as the Yy-axis value and add the statusCode column the method field as a series in the the Visual settings settings of the column widget.

Image Removed

Image Added

Related articles:

...

Versions Compared

Old Version 14

New Version 15

Key