Graph Based On Time

All Apps and Add-ons

Hi Team,

I wanna design a Line Chart that gives me the count of request that has hit my server with time as base.

Test data :

2017-08-08 22:38:24,331 INFO XYZXYZ 22:38:24,331 INFO [APP_INVOKE_MSG] APP Request aDasdADSAdsaDSADASDA asdaSD ID_01SDFBH ASDASDASDDAdASSDa //-1/NO,RULE.ID:1:1=below minimum value (0)

2017-08-08 22:38:24,331 INFO XYZXYZ 22:38:24,331 INFO [APP_INVOKE_MSG] APP Request aldisjba;sdjba;ojds;ajn;kc a;ojcn;ajc;ajobnc;ooajb;ojjaw;jbb;

The above data is parsed in the below format and has brought inside the splunk

Data Parsing Formate:

Timestamp : 2017-08-08
Time : 22:38:24
Logging_Priority : 331
Log_Level : INFO
Connection_factory : [XYZXYZ]
Thread_Number : (httpXYSGHFA 10.100.1234.12-1234-81)
Application_Message : 22:38:24,331 INFO [APP_INVOKE_MSG] APP Request [ ID_123SDFBH//-1/NO,RULE.ID:1:1=below minimum value (0) ]

With the field "Time" in the X axis and Y axis by counting the string "Request" & "Response" in the application Message i need to draw a graph exactly as shown below

please help me with the query.

Regards,
Vigneshprasanna R

44 KB

Get Updates on the Splunk Community!

Graph Based On Time

What the End of Support for Splunk Add-on Builder Means for You

Solve, Learn, Repeat: New Puzzle Channel Now Live

Building Reliable Asset and Identity Frameworks in Splunk ES

Are you a member of the Splunk Community?

Graph Based On Time

What the End of Support for Splunk Add-on Builder Means for You

Solve, Learn, Repeat: New Puzzle Channel Now Live

Building Reliable Asset and Identity Frameworks in Splunk ES