host="*" sourcetype=iis (insertIISurl) | eval time_taken = time_taken/1000 | stats max(time_taken) AS "Highest Response Time"

host="*" sourcetype=iis (insertIISurl) | eval time_taken = time_taken/1000 | stats avg(time_taken) AS "Average Response Time"

host="*" sourcetype=iis (insertIISurl) | eval time_taken = time_taken/1000 | stats min(time_taken) AS "Fastest Response Time"

Above are 3 panels: Fastest, Average, and Longest response time. […]
Event Logs | System Logs | Warnings and Errors
This will hit all of the hosts and pull back the event logs, grouped by Message. You can change the source to whichever Windows event log you need:

source=wineventlog:application
source=wineventlog:security
source=wineventlog:system

host="*" source=wineventlog:system NOT Type=Information | stats count by Message | sort -count | table count, Message