Dashboards & Visualizations
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to get count and percentage of targets displayed in a dashboard based off of request types?

bryceweb22
Path Finder
‎06-03-2019 09:24 AM

I am trying to create a dashboard that displays the count and percentage based off HTTP and HTTPS request types.

0 Karma
Reply

martynoconnor
Communicator
‎06-03-2019 11:26 AM

So when you say you can see HTTPS and HTTP request types - is the field for request type being extracted by Splunk? If it's just present in the raw event data but not extracted, then you'll need to first extract it. You can check on the list of events on the left hand side of results to see if it has been extracted.

Can you also show me an example (redacting out any sensitive data) of each request type from your events? That will help me write you a more focused search if the field isn't being extracted normally.

0 Karma
Reply

bryceweb22
Path Finder
‎06-03-2019 10:23 AM

I am getting no results found, but I am looking through the logs and can clearly see that there are HTTP and HTTPS request types.

0 Karma
Reply

martynoconnor
Communicator
‎06-03-2019 09:54 AM

Hi there,

You can modify this search to meet your needs. I used Splunk's internal logs as an example:

index=_internal sourcetype=splunkd log_level=*
| eventstats count as totalcount 
| chart sparkline count,first(totalcount) as totalcount by log_level 
| eval percentage=round(count/totalcount*100,2)."%"
Reply
Get Updates on the Splunk Community!

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

Watch On Demand the Tech Talk on November 6 at 11AM PT, and empower your SOC to reach new heights! Duration: ...

Splunk Observability as Code: From Zero to Dashboard

For the details on what Self-Service Observability and Observability as Code is, we have some awesome content ...