Hello! I am trying to map a search in Splunk Studio Dashboards to create a time chart showing a machines utilization per day. I want to show it by day so I can add a trend line to my single value utilization panel.

To do this, I am mapping my search by day so, the utilization will be calculated per day rather than over the whole-time range.

Using the code below I am able to make a time chart displaying the machines daily utilization in dashboard classic but not dashboard studios:

Code:

index=example |bin span=1d _time |dedup _time
| eval start=relative_time(_time,"@d-1d"), end=relative_time(_time,"@d")
|eval day=strftime(_time,"%D %T")
|eval End=strftime(end,"%D %T")

|map maxsearches=30 search="search index=example earliest=\"$$start$$\" latest=$$end$$
| transaction Machine maxpause=300s maxspan=1d keepevicted=T keeporphans=T
| addinfo|bin span=1d _time
| eval timepast=info_max_time-info_min_time
| eventstats sum(duration) as totsum by Machine _time  |dedup Machine _time
| eval Util=min(round( (totsum)/(timepast) *100,1),100)
| stats values(Util) as \"Utilization\" by Machine _time date_mday"
|table _time Utilization Machine

|chart values(Utilization) by _time Machine
|fillnull value="0"

Code Results in Dashboard Classic:

Code result in Dashboard Studio:

Why can't I map on Dashboard Studio?? It states it is waiting for an input. How can I break up utilization by day to show the trend line?