index=_internal earliest=-48h latest=-24h | bin _time span=10m | stats count by _time | eval window=”yesterday” | append | timechart span=10m sum(count) by window This search will lay a count of something (in this case, just a count) on a timechart, with a corresponding count on the same time frame axis. With this simple search, you […]
