topic Re: Display time graph based on peak events over time || based on the log occurence i need to plot the graph over time in Splunk Search https://community.splunk.com/t5/Splunk-Search/Display-time-graph-based-on-peak-events-over-time-based-on-the/m-p/475643#M133667 <P>Yeah able to do and it works as expected.</P> Tue, 18 Feb 2020 10:23:19 GMT d942725 2020-02-18T10:23:19Z Display time graph based on peak events over time || based on the log occurence i need to plot the graph over time https://community.splunk.com/t5/Splunk-Search/Display-time-graph-based-on-peak-events-over-time-based-on-the/m-p/475641#M133665 <P>I have a use case where i need to plot the time graph, which shows the events count based on time. I must be able to see the graphical view of spike in the events I receive over time. I have some log similar to the one mentioned below:<BR /> {<BR /> @timestamp: 2020-02-04T13:46:41.274+00:00<BR /> domain: test<BR /> environment: dev<BR /> level: INFO<BR /> logger_name: com.test.practice.evthub.sse.impl.EventEncrypter<BR /> message: Published records to Kinesis stream<BR /> thread_name: main<BR /> }</P> <P><STRONG>Query</STRONG>: domain="test" environment="dev" logger_name="com.test.practice.evthub.sse.impl.EventEncrypter" message="<EM>Published records to Kinesis stream</EM>"|stats count by message<BR /> I tried using timechart function by passing the message as input but was getting some tabular format instead of graph plots. Can someone help me to do this query ?</P> Wed, 30 Sep 2020 04:16:57 GMT https://community.splunk.com/t5/Splunk-Search/Display-time-graph-based-on-peak-events-over-time-based-on-the/m-p/475641#M133665 d942725 2020-09-30T04:16:57Z Re: Display time graph based on peak events over time || based on the log occurence i need to plot the graph over time https://community.splunk.com/t5/Splunk-Search/Display-time-graph-based-on-peak-events-over-time-based-on-the/m-p/475642#M133666 <PRE><CODE>domain="test" environment="dev" AND logger_name="com.test.practice.evthub.sse.impl.EventEncrypter" AND message="Published records to Kinesis stream" |timechart count by message </CODE></PRE> <P>Is this wrong?</P> Tue, 18 Feb 2020 10:21:17 GMT https://community.splunk.com/t5/Splunk-Search/Display-time-graph-based-on-peak-events-over-time-based-on-the/m-p/475642#M133666 to4kawa 2020-02-18T10:21:17Z Re: Display time graph based on peak events over time || based on the log occurence i need to plot the graph over time https://community.splunk.com/t5/Splunk-Search/Display-time-graph-based-on-peak-events-over-time-based-on-the/m-p/475643#M133667 <P>Yeah able to do and it works as expected.</P> Tue, 18 Feb 2020 10:23:19 GMT https://community.splunk.com/t5/Splunk-Search/Display-time-graph-based-on-peak-events-over-time-based-on-the/m-p/475643#M133667 d942725 2020-02-18T10:23:19Z Re: Display time graph based on peak events over time || based on the log occurence i need to plot the graph over time https://community.splunk.com/t5/Splunk-Search/Display-time-graph-based-on-peak-events-over-time-based-on-the/m-p/475644#M133668 <P>please acceptand close your issue.</P> Tue, 18 Feb 2020 21:00:02 GMT https://community.splunk.com/t5/Splunk-Search/Display-time-graph-based-on-peak-events-over-time-based-on-the/m-p/475644#M133668 to4kawa 2020-02-18T21:00:02Z Re: Display time graph based on peak events over time || based on the log occurence i need to plot the graph over time https://community.splunk.com/t5/Splunk-Search/Display-time-graph-based-on-peak-events-over-time-based-on-the/m-p/475645#M133669 <P>I moved your comment to an answer, and it seems pretty apparent the user accepts this, so I will accept for him.</P> Wed, 19 Feb 2020 20:17:47 GMT https://community.splunk.com/t5/Splunk-Search/Display-time-graph-based-on-peak-events-over-time-based-on-the/m-p/475645#M133669 Richfez 2020-02-19T20:17:47Z