https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597078#M207844 <P>This is not possible with standard graphs (as far as I am aware) - having said that, you could overlay a line at 5 so that it is obvious which point are above it</P> Tue, 10 May 2022 06:12:57 GMT ITWhisperer 2022-05-10T06:12:57Z https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/596961#M207790 <P>Hi all, I have a table and I need to highlight the values that are greater than lets say 5 in a line graph. how to select only those specific values into search</P> <P>&nbsp;</P> Mon, 09 May 2022 17:18:46 GMT https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/596961#M207790 badrinath 2022-05-09T17:18:46Z https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/596963#M207791 <LI-CODE lang="markup">your search | where value &gt; 5</LI-CODE> Mon, 09 May 2022 13:28:15 GMT https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/596963#M207791 ITWhisperer 2022-05-09T13:28:15Z https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/596967#M207795 <P>This use case is not clear.&nbsp; You have a table and want to make a line graph?&nbsp; Do you want to highlight the anomalous values or select them?</P><P>If you know you only want values greater than 5 then a where clause should do the job.</P><LI-CODE lang="markup">,,, | where myField &gt; 5</LI-CODE><P>If you don't know what the threshold value should be then consider the anomalousvalue command.</P><LI-CODE lang="markup">... | anomalousvalue action=filter myField</LI-CODE><P>Do tell us more about the use so we can offer better answers.</P> Mon, 09 May 2022 13:40:13 GMT https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/596967#M207795 richgalloway 2022-05-09T13:40:13Z https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597057#M207828 <P>thanks for the reply, but actually I have this kind of values</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="badrinath_0-1652155181764.png" style="width: 400px;"><img src="https://community.splunk.com/t5/image/serverpage/image-id/19538iD9F16D23932F3F7D/image-size/medium?v=v2&amp;px=400" role="button" title="badrinath_0-1652155181764.png" alt="badrinath_0-1652155181764.png" /></span></P><P>and I am using this query</P><P>..... | bucket _time span=10m</P><P>| chart count by _time,country</P><P>and I got the result as shown below</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="badrinath_1-1652155565927.png" style="width: 400px;"><img src="https://community.splunk.com/t5/image/serverpage/image-id/19539i48EF4EF6071F6F94/image-size/medium?v=v2&amp;px=400" role="button" title="badrinath_1-1652155565927.png" alt="badrinath_1-1652155565927.png" /></span></P><P>now when I convert it into a graph I wanted to highlight pints that are greater than 5 and also to filterout those points.</P><P>&nbsp;</P> Tue, 10 May 2022 04:08:41 GMT https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597057#M207828 badrinath 2022-05-10T04:08:41Z https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597065#M207833 <LI-CODE lang="markup">| bin _time span=10m | stats count by _time country | where count &gt; 5 | xyseries _time country count</LI-CODE> Tue, 10 May 2022 05:41:25 GMT https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597065#M207833 ITWhisperer 2022-05-10T05:41:25Z https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597068#M207836 <P>thankyou, that worked but first I need to show the graph for all the data then highlight the points greater then 5 and then filter out those points.</P><P>this worked well for filtering but I need to highlight them also</P> Tue, 10 May 2022 05:51:06 GMT https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597068#M207836 badrinath 2022-05-10T05:51:06Z https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597072#M207840 <P>A graph is a visualisation of a table of data.</P><P>You can have a table with all the data and you can have another table with the filtered data - the visualisation isn't normally going to change from one table to the other.</P> Tue, 10 May 2022 06:01:55 GMT https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597072#M207840 ITWhisperer 2022-05-10T06:01:55Z https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597074#M207841 <P>In the graph with all the data I need to highlight only the points that are greater than 5 is it possible?&nbsp;</P> Tue, 10 May 2022 06:06:00 GMT https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597074#M207841 badrinath 2022-05-10T06:06:00Z https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597078#M207844 <P>This is not possible with standard graphs (as far as I am aware) - having said that, you could overlay a line at 5 so that it is obvious which point are above it</P> Tue, 10 May 2022 06:12:57 GMT https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597078#M207844 ITWhisperer 2022-05-10T06:12:57Z https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597079#M207845 <P>But I am using dashboard studio and I think overlay is not possible in it can you please conform&nbsp;</P> Tue, 10 May 2022 06:14:12 GMT https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597079#M207845 badrinath 2022-05-10T06:14:12Z https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597081#M207846 <P>I don't use Dashboard Studio due to such limitations!</P><P>If you are already using a line graph, it could just be another series in the table</P><LI-CODE lang="markup">| bin _time span=10m | stats count by _time country | where count &gt; 5 | xyseries _time country count | eval threshold=5</LI-CODE> Tue, 10 May 2022 06:18:11 GMT https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597081#M207846 ITWhisperer 2022-05-10T06:18:11Z https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597082#M207847 <P>thanks</P> Tue, 10 May 2022 06:24:42 GMT https://community.splunk.com/t5/Splunk-Search/How-to-select-only-specific-values-into-search/m-p/597082#M207847 badrinath 2022-05-10T06:24:42Z