Hi all, I am new to ELK stack.
can you please help me with below requirement.
I am trying to create a metric based on condition like sum( sales) for region ="Middle East"
I have tried using the sum bucket in aggregation and using filter in bucket , I am able to achieve it but I am not able to change the name of the field ( give a custom label ).
Is there any way to change the field name ? How can we achieve this using json input or scripted field ?
Are you looking to do something like this in the KQL search bar region.keyword: "Middle East"? That will filter the entire dataset down to just the Middle East and then you can do a normal sum(sales) to get the data.
No, I just want the metric to be filtered.
My actual requirement is
I have two metrics that need individual filters
Metric 1 = avg(sales) filter: class=A
Metric 2 = avg(sales) filter: class=B
and then find the difference of metric 1and metric 2
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.