Dashboards & Visualizations
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Create Dashboard and show error code & count

rajiv_kumar
Path Finder
‎05-18-2011 11:59 AM

We need to create Dashboard. In dashboard, need to show Error code (001, 002, 003...) in X-axis and count() in Y-axis in 1 hr span.
Please suggest me if any idea.

Tags (1)
0 Karma
Reply

rajiv_kumar
Path Finder
‎05-19-2011 11:02 AM

I am looking x-axis should have Error Code(The code generated by my log Ex: Error:00001, Error:00002 etc) and Y- axis should have count(How many error happend during some period of time)

0 Karma
Reply

Masa
Splunk Employee
Splunk Employee
‎05-19-2011 11:16 AM

If you have the field called "Error", and specify the time range at search time;

| stats count by Error

Or,

earliest=-1h@h latest=@h | stats count by Error

Or,

earliest=-1h@h latest=@h | chart count by Error

0 Karma
Reply

Masa
Splunk Employee
Splunk Employee
‎05-18-2011 09:17 PM

Do you mean that X is time and Y is count, like a timechart example?

Assuming your event logs are like Splunk inernal web_access.log whih has status code, such as 200, 404 etc. The field name is called "status".

If you want to see the counts of each status code in timechart, and every 10 minutes time span for the past hour, please try the following query as an example.


index=_internal source="web_access.log" | timechart span=1h count by status

Try and show it in Report or Advanced Charting page. If the graph is what you are looking for, please save the search, create a dashboard from "Action" dropdown menue in Search page.

0 Karma
Reply
Get Updates on the Splunk Community!

New Year, New Changes for Splunk Certifications

As we embrace a new year, we’re making a small but important update to the Splunk Certification ...

[Puzzles] Solve, Learn, Repeat: Unmerging HTML Tables

[Puzzles] Solve, Learn, Repeat: Unmerging HTML TablesFor a previous puzzle, I needed some sample data, and ...

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

As of today, Enterprise Security (ES) Essentials 8.3 is now generally available, helping SOC teams simplify ...