Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Passing token to chart overlay

mdunnavant
Observer
‎07-29-2020 05:54 AM

I've searched and searched on this and it's time to just ask the question.

I want to create a simple transaction count bar overlayed with the average duration line.  I can do this when hard setting the transaction name. 

mdunnavant_0-1596027006173.pngmdunnavant_1-1596027044699.png

 

 

However, when I try to generate an overlay using a dropdown of transaction names there is no overlay.  I feel like I'm just not passing a correctly formatted token to charting.chart.overlayFields option.

mdunnavant_2-1596027129372.pngmdunnavant_3-1596027161918.png

 

I've tried,

  • <option name="charting.chart.overlayFields">"avg(duration):" $ID$</option>
  • <option name="charting.chart.overlayFields">$ID$</option>
  • <option name="charting.chart.overlayFields">avg(duration): $ID$</option>
  • and probably dozens more as I'm throwing darts.

Any ideas here?

Labels (2)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...

Observability Highlights | January 2023 Newsletter

 January 2023New Product Releases Splunk Network Explorer for Infrastructure MonitoringSplunk unveils Network ...