Example
lsstat returns various summary stats per bucket for the specified field. The field must be numeric in elastic.
rStat can be one of avg, min, max, sum, sum_of_squares, variance, std_deviation.
The rest of the fields behave the same as lscount, except that there is no division based on bucketDuration (since these are summary stats)
$max_querytime_by_minute = lsstat("logstash", "", "env:prod", "querytime", "max", "1m", "1h", "")
The lsstat in this queries the logstash indexes, filters on a field env with the value prod, and gives the max value of querytime for the last hour, in one minute buckets.
