To get the top 5 most frequent ERROR logs of particular service.
I tried to write query for the same
" service:"USER" | level_name:"ERROR" | stats count by message | sort -count | head 5 "
but it did not work bcoz graylog cant count message field. Is their any other way , we can do this.
graylog version-- 4.3
