Dashboards & Visualizations
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Change Single Value Visualization Based on Text

mistydennis
Communicator
‎08-18-2024 07:42 AM

Hello - I realize this question has been asked several times before and I've tried to implement every solution I've found, but nothing seems to be working.

I simply want to update a single value visualization based on the text. If "Yes", then green, and if "No", red. 

I've tried using older solutions involving rangemap and changing some of the charting options, but I'm not having any luck in v9.3.0. 

| inputlookup mylookup.csv 
| search $time_tok$ $field_tok$=Y 
| stats max(Distance) AS GuideMiles 
| appendcols 
    [| mylookup.csv 
    | search $month_tok$ 
    | stats max(TargetMiles)] 
| rename max(TargetMiles) AS TargetMiles 
| eval OnTarget=case(GuideMiles>=TargetMiles,"Yes", true(), "No") 
| table OnTarget

 

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution

uagraw01
Motivator
‎08-18-2024 12:41 PM

@mistydennis 

### Steps to Use Single Value Visualization in your dashboard.

1. **Run the Query**: Use the query you provided to generate the `OnTarget` value.

2. **Select Visualization**:
- After running the query, go to the **Visualization** tab in the search results.
- From the available visualizations, choose **Single Value**.

3. **Configure Conditional Coloring**:
- Click on **Format** in the Visualization tab.
- Under **Color**, enable **Color by value**.
- Add your conditions:
- **If value is "Yes"**: Set the color to green.
- **If value is "No"**: Set the color to red.

4. **Save and Use**:
- Apply the settings, and you will see the value displayed either in green or red based on the result ("Yes" or "No").
- You can then save this as part of your dashboard if needed.

upvote is appreciated.

0 Karma
Reply
Solved! Jump to solution

ITWhisperer
SplunkTrust
SplunkTrust
‎08-18-2024 10:58 AM

While you have clearly shown your search (which by the way seems perfectly fine), what you haven't shown or described is what you have tried in your dashboard. Please can you provide further information?

Reply
Get Updates on the Splunk Community!

Splunk Search APIを使えば調査過程が残せます

   このゲストブログは、JCOM株式会社の情報セキュリティ本部・専任部長である渡辺慎太郎氏によって執筆されました。 Note: This article is published in both Japanese ...

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...

 Splunk is More Than Just the Web Console For Digital Forensics and Incident Response (DFIR) practitioners, ...

Congratulations to the 2025-2026 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...