hi @erez10121012
Please convert your comment into an answer and accept it for the benefit of other forum members

hi @erez10121012
I had a look at your events and the first query i had given

      | eval _raw=split(_raw,",")
         |  streamstats count as row |eval row=row-1|mvexpand  _raw
         |  chart values(_raw) by row

first i split your raw events which is nothing but 4 packets value by a comma.
I add a eval to the row to reduce it by 1 (so row1 becomes row 0)
just check if this works.
NOTE - check after splitting the values of _raw should come as a number, else use |eval _raw=tonumber(_raw) AFTER the split.

thanks niketnilay
each row, for example row number 1, i want to plot graph.
if i take row 1, (i take the first 5 numbers) i want to see something like this:

if it help to solve my problem:
i can send the DATA in other format? for example (-72):(-76): etc

still not clear, how i the above a snapshot of values for row #1?
it looks like a series of values for rows 1-5?

maybe you are right. i dont want to plot all the rows in the same time.
i want to plot row 1 for example, but if i plot by _TIME i see one column in Given time.
but i want to plot by _(0,1,2,3,4...)
so for 0 the value is -72
for 1 the value is -76
etc

thanks

@erez10121012 for the two raw events in your example how do you want to plot them on chart? Can you add a mock screenshot or whiteboard snap explaining the same. Chart is not the right visualization for display raw data.

You can try out Event Annontation or Chart Tooltip Text as options but I dont think that kind of requirement for raw data makes sense, so please add a mock screenshot of output with some sample data: https://answers.splunk.com/answers/613705/using-dashboard-for-presentation.html

hi
i success to separate the value, but raw is always ‘1’ and all the data plot in the same line
thanks

hi @Sukisen1981
your solution work, but i need it for 4000 values and the rex function are limit.
can i write function or loop the initelyz the pckt1-4000 ?
in the picture you can see the first 3 value, but now i need 4000.
thanks

hi @erez10121012 I apologize if I came out as rude,I didn't mean to.
This is a confusing situation, you can have 4000 lines or 4000 columns, splunk viz limits to 10 K.
BUT
will that be readable for end users?
Either way you are bound to find the chart too cramped. Are you looking for a dashboard panel or just a standalone search viz for this issue?
If you are considering a dashboard panel, I strongly recommend a summary view as a top level panel and then changing it to more details on drill down etc. If you are looking for a standalone search(or a dashboard panel for that matter) I don't think this vizs. are going to be of much help. You can build something technically but the viz will be all cramped and too 'dense' to interpret.
you have 4 values for each event, I suggest considering a pie with treliis view for each of the four

hi @Sukisen1981
yes im looking for a dashboard panel, the user need to see the plot, if you can see in The picture above:
most of the value is between -75 to -60 , only few peaks are at -40 so the user can see it.

about the vizs: i just try different ways to fine the solution, but still i cant find how to plot the array

hi
thanks for the help
i dont get the right chart.
please see the picture above.

i don't understand your requirement you want one straight horizontal line as x axis changes? what you have shown is the event snapshot, it just shows 3 events being indexed..can you clarify more?

@Sukisen1981 <" i don't understand your requirement you want one straight horizontal line as x axis changes? what you have shown is the event snapshot, it just shows 3 events being indexed..can you clarify more? ">

for example , in this picture we see 3 event, i want to take the first event (10,20,30) and plot it as function of generic running index (0,1,2,3....).
the graph of this event look like Diagonal line.