How to create a visualization to show if a service...

edoardo_vicendo · ‎09-19-2016

Hi All,

I am quite new to Splunk, and I am trying to plot a graph that just represent if a service (CICS Region) is up or down without the need to have this info over time, we just would like to have a graph that represent the name of the service and a red/green indicator.

To do so we are collecting the info from the server collecting them as below:

Thu Sep 15 15:49:41 CEST 2016;CICSR1;available
Thu Sep 15 15:49:41 CEST 2016;CICSR2;available
Thu Sep 15 15:49:41 CEST 2016;CICSR3;available
Thu Sep 15 15:49:41 CEST 2016;CICSR4;available

and doing a search as below:

source="../SPLUNK_cics_region_control.txt" host="CICS_REGION" sourcetype="csv" CICS_REGION="CICSR1"  | eval AVAILABILITY = if(AVAILABILITY="available","OK","KO")  | dedup 1 source

In this way we are able to select the last event, with the information if OK/KO.

May you please suggest how to plot the info to represent the service with a red/green indicator if OK/KO?

Best Regards,
Edoardo

sundareshr · ‎09-19-2016

You can use single value visualization and here's a previous discussion similar to what you are trying to achieve

https://answers.splunk.com/answers/103910/using-text-field-up-down-for-single-value-in-dashboard-and...

How to create a visualization to show if a service is "up" or "down"?

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

What’s New in Splunk Observability – September 2025

Fun with Regular Expression - multiples of nine

Are you a member of the Splunk Community?

How to create a visualization to show if a service is "up" or "down"?

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

What’s New in Splunk Observability – September 2025

Fun with Regular Expression - multiples of nine