{"Username": A, "Condition":92, "Severity":32}
{"Username": A, "Condition":89, "Severity":65}
{"Username": B, "Condition":92, "Severity":60}
{"Username": B, "Condition":21, "Severity":53}
{"Username": B, "Condition":33, "Severity":65}
{"Username": C, "Condition":94, "Severity":60}
{"Username": C, "Condition":10, "Severity":65}
Above is a sample of my output. How can I get the count of the Usernames A & B? How can I get the count of only Username C?
Any help would be appreciated.
if you want to get the count of all usernames:
Count (already chosen by default)this will produce result like
username | count
A | 10
B | 12
C | 30
now if you want to show only user A, just click on A and it will filter only on that user
you will see a filter added to the filter panel on the top, you can click that filter and EDIT it
in the edit mode you will see something like username is A
you could change the is to is one of and enter A, B to the value field and you will get only the users A and B.
let me know if this helps.
regards, Peter
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.