Hi all,
I have this kind of logs.I have STRING field,it have 7 different catagories.[RB03,RV02,EV1,EV2,EV3,EV4,EV8]
message:35793179,5/16/2018 9:25,75,14472,RV02,1100110181,2.3.5,1E002D070C38,OFF
message:35793151,5/16/2018 9:25,142,15852,RB03,1100110251,2.3.a,CWDCOIN00001,1.1
message:35792553,5/16/2018 9:11,290,31980,EV1,,,,
message:35792577,5/16/2018 9:11,84,10570,EV2,,,,
message:35792545,5/16/2018 9:01,295,31980,EV3,,,,
message:357925344,5/16/2018 9:13,294,31980,EV4,,,,
message:35792523,5/16/2018 9:11,267,31980,EV8,,,,
I have to count all 7 catagories do calculation as given below and find out percentage.
PERCENTAGE=[counts of RB03-[counts of RV02+counts of EV1+counts of EV2+counts of EV3+counts of EV4+counts of EV8]/count of RB03]*100
I dont know how to do this kind of thing, in my search, i found about scripted field, may be it could be done by that.
io apply this scripted field and got error both given below.
scriepted field:
lungauge: expression
doc['msg string':'RB03']
return msg string.sum
ERROR:
Error: Request to Elasticsearch failed: {"error":{"root_cause":[{"type":"script_exception","reason":"compile error","script_stack":["doc['msg string':'RB03']\nreturn msg string.sum"," ^---- HERE"],"script":"doc['msg string':'RB03']\nreturn msg string.sum","lang":"expression"}],"type":"search_phase_execution_exception","reason":"all shards failed","phase":"query","grouped":true,"failed_shards":[{"shard":0,"index":"abc","node":"kFQ8htC6Q3afGoneX-o8tA","reason":{"type":"script_exception","reason":"compile error","script_stack":["doc['msg string':'RB03']\nreturn msg string.sum"," ^---- HERE"],"script":"doc['msg string':'RB03']\nreturn msg string.sum","lang":"expression","caused_by":{"type":"parse_exception","reason":"unexpected character '[' on line (1) position (3)","caused_by":{"type":"lexer_no_viable_alt_exception","reason":null}}}}]},"status":500}