Hi All,
I have created a query to get the outliers of Duration In outliers graph. I am getting the results appropriate , but not able to understand what the x-axis means . It is creating with number (0,500,1000,1500 ....) with no name specified . Y-axis is duration range , here the name of Y-axis is series 2 ( think splunk has generated it ) but I am not able to change the name . I tried even in XML.
I cannot attach the screenshots . I am posting my query below. Please help me undertsand what the x-axis is and is there any way to change the code to get the timerange in x-axis .
index="XXX" source="XY" StartSession
| stats min(_time) as InTime by TraceID
| table InTime TraceID _time
| sort InTime
| join TraceID
[ search index="XXX" source="XY" EndSession
| stats max(_time) as OutTime by TraceID
| table OutTime , TraceID]
| eval Duration = (OutTime - InTime)
| eval lowerBound=0, upperBound=100
| eval isOutlier=if('Duration' < lowerBound OR 'Duration' > upperBound, 1, 0)
| fields _time, "Duration", lowerBound, upperBound, isOutlier, *
Here the _time field is not displaying anything .
Please help me understand what is X-axis and y-axis means here in outliers graph.
Can we change the "Series 2 " Name that appears in Y-Axis to "Duration " in any way ?
Thanks