Solved: How do you display response time results sorted in...

navd · ‎09-10-2018

I am trying to display response times in a chart for my services. But, how do I display the response times results in chart in descending order (Highest number first)?

<myBaseSearch> | eval Date=strftime(_time, "%Y-%m-%d")  | chart avg(response_time) over services by Date  | rename * as avg_*  | rename avg_services as services   | foreach avg_* [eval "<<FIELD>>"= round('<<FIELD>>',2)]  | rename avg_* as *

mayurr98 · ‎09-10-2018

hey @navd,

You can not do that if you have multiple services , because you have got multiple columns and you are actually sorting on multiple columns which is logically not possible.

However, you can sort on 1 column(1 service) using | sort - servicename but other columns will automatically adjust.

let me know if this helps!

View solution in original post

mayurr98 · ‎09-10-2018

hey @navd,

You can not do that if you have multiple services , because you have got multiple columns and you are actually sorting on multiple columns which is logically not possible.

However, you can sort on 1 column(1 service) using | sort - servicename but other columns will automatically adjust.

let me know if this helps!

navd · ‎09-10-2018

Ya now I understand why my sorting didn't work . Thank you

woodcock · ‎09-10-2018

Add this to the end:

| sort 0 - YourFieldWithCountHere

How do you display response time results sorted in descending order ?

Index This | I’m short for "configuration file.” What am I?

New Articles from Academic Learning Partners, Help Expand Lantern’s Use Case Library, ...

Your Guide to SPL2 at .conf24!