Join the Conversation
- Find Answers
- :
- Using Splunk
- :
- Dashboards & Visualizations
- :
- Scatter plot of contingency data using earthquake ...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
My ultimate goal is to create a scatter plot showing the number of email messages which has a spam score of X and phish score of Y. I tried to do this using the earthquake data and plotting the number of earthquakes which had Magnitude X and Depth Y where each colored dot would represent a different count. For example, red = 1, blue = 2 and Green =3 and the plot would show the count of each combination of depth and magnitude similar to the table produced by
source="eqs7day-M2.5.txt" | contingency Depth Magnitude
If I read the chart reference page, the x axis is the first argument after chart, y axis is the over clause and the values would be the by clause. So, how do I get the following faulty chart command to work to produce what I want:
`chart values(Magnitude) over Depth by count(Depth)`
so the X axis is Magnitude, Y axis is Depth and the value is the number of earthquakes with that Magnitude and Depth?
As you can see, this solution will give me the real answer to my real problem, graphing spam vs phish scores.
Thanks so much,
Sean Coleman
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I solved this tricky problem with the following solution:
source="eqs7mday-M2.5.txt" | stats count(Depth) AS Depthcount by Magnitude,Depth | table Depthcount,Magnitude,Depth
Hit the table button and select Scatter Plot and you end up with a Scatter Plot of Depth on the X axis and Magnitude on the Y axis with your count as values of the graph.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I solved this tricky problem with the following solution:
source="eqs7mday-M2.5.txt" | stats count(Depth) AS Depthcount by Magnitude,Depth | table Depthcount,Magnitude,Depth
Hit the table button and select Scatter Plot and you end up with a Scatter Plot of Depth on the X axis and Magnitude on the Y axis with your count as values of the graph.
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Announcing Modern Navigation: A New Era of Splunk User Experience
Modernize your Splunk Apps – Introducing Python 3.13 in Splunk
Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...
