Hi! I managed to create a Table View with the logs I needed. Like this:
{cluster="my-cluster", app=~"my-application"}
|~ "Error message I want to filter"
| json
| line_format `{{.data}}`
| json name="name"
| json color="color"
Also, I need to use the Transformation Data tool to Extract labels, group by then sort by.
The result was a table with the fields I wanted with a COUNTER.
But now I need to create an ALERT that triggers everytime the counter reaches X within 1 hour. How could I manage to do that?