Is there a way to create a Squid proxy visualizati...

All Apps and Add-ons

Ask a Question

Hello Members,

This is a great source of information and help. I am using the Splunk Add on for Squid Proxy.

I am getting data from the squid access log in the recommended splunk format. The dashboard that comes

with the install is find.

I am creating another dashboard based on that dashboard. I am monitoring bytes_in, bytes_out, and bytes.

It seems that the Splunk search for bytes is the total of bytes_in and bytes_out.

I am using a search that returns the sum of bytes_out using | status sum(bytes_out) for all src_ips. like this:

index=squid
| stats sum(bytes_out) as TotalBytes
| eval gigabytes=TotalBytes/1024/1024/1024
| table gigabytes

I do the same thing for "bytes" Is there some way I can create a visualization, using a single value viz,

so I can show bytes per time? Like x bytes / hour, maybe even one of those gauges? I would like to use a time picker with this as well - or a selectable span, etc Would the "timechart" allow me to do this?

Thanks so much,

eholz1

Get Updates on the Splunk Community!

Is there a way to create a Squid proxy visualization using a single value viz?

configuration

.conf25 Community Recap

Splunk App Developers | .conf25 Recap & What’s Next

Congratulations to the 2025-2026 SplunkTrust!

Are you a member of the Splunk Community?

Is there a way to create a Squid proxy visualization using a single value viz?

configuration

.conf25 Community Recap

Splunk App Developers | .conf25 Recap & What’s Next

Congratulations to the 2025-2026 SplunkTrust!