All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How To Create Heat Map time as X axis?

manikanthkoti
Loves-to-Learn Everything
‎01-30-2020 11:42 PM

Hi,
I have below a table with fields (hourTime, appName, Fail). This table tells you how many transactions are failed for the Particular application in that hour.

Please help me to create the heat map by using these fields as hourTime as X-Axis and appName as Y-Axis.

I am trying for "Heat Map Viz" please find the link(https://splunkbase.splunk.com/app/4460/#/details)

Please help me is there any better Visuvilizations also to Display this.

Please help me . Thank you very much in advance

alt text

Preview file
1 KB
Preview file
1 KB
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

to4kawa
Ultra Champion
‎01-31-2020 03:35 AM

Sample:

| makeresults count=2 
| streamstats count 
| eval _time=if(count=2,relative_time(_time,"-2d@d"),relative_time(_time,"-1d@d")) 
| makecontinuous _time span=5m 
| eval appName="APP_".(random() % 3 + 1), count = random() % 10 + 1 
| timechart span=1h sum(count) as count by appName

Hi , @manikanthkoti
hourTime is bad format.
Please provide your query. I'll fix it.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

to4kawa
Ultra Champion
‎01-31-2020 03:35 AM

Sample:

| makeresults count=2 
| streamstats count 
| eval _time=if(count=2,relative_time(_time,"-2d@d"),relative_time(_time,"-1d@d")) 
| makecontinuous _time span=5m 
| eval appName="APP_".(random() % 3 + 1), count = random() % 10 + 1 
| timechart span=1h sum(count) as count by appName

Hi , @manikanthkoti
hourTime is bad format.
Please provide your query. I'll fix it.

0 Karma
Reply
Solved! Jump to solution

manikanthkoti
Loves-to-Learn Everything
‎01-31-2020 05:46 AM

Thank you very much I did the same thing now I am getting Visualizations but I need a colors based on appName, not by Fail.
Is there any way to change the color based on appName?

0 Karma
Reply
Solved! Jump to solution

spavin
Path Finder
‎01-31-2020 04:09 PM

Hi Manikanthkoti,

Can you provide an example of coloring by appName? The heat map is designed to show variation in the data - in this case the count. Are you looking for static colors for each app?

0 Karma
Reply
Solved! Jump to solution

to4kawa
Ultra Champion
‎01-31-2020 02:26 PM

sorry, I don't know.
option is nothing.
If you want to change the color based on appName, maybe you should create SplunkJS.

0 Karma
Reply
Get Updates on the Splunk Community!

Combine Multiline Logs into a Single Event with SOCK - a Guide for Advanced Users

This article is the continuation of the “Combine multiline logs into a single event with SOCK - a step-by-step ...

Everything Community at .conf24!

You may have seen mention of the .conf Community Zone 'round these parts and found yourself wondering what ...

Index This | I’m short for "configuration file.” What am I?

May 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with a Special ...