Dashboards & Visualizations
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Show trendline of average of values for 1hour as overlay graph on main graph

deepthi5
Path Finder
‎10-18-2016 12:48 AM

alt textHi ,

I have one graph which shows the response times for every second
source="C:\Ping\" index="ping" sourcetype="pingstats" | rex field=source "(?.?)$" |lookup pinglookup.csv country OUTPUT router DestinationIP |search router=waterloo|chart values(RTT) as RTT by _time,router|fillnull value=0

I have another graph which shows the trend of the average of the response times for one hour
source="C:\Ping\" index="ping" sourcetype="pingstats" | rex field=source "(?.?)$" |lookup pinglookup.csv country OUTPUT router DestinationIP |search router=waterloo | bucket _time span=1h | stats avg(RTT) AS avg_value by _time | trendline sma5(avg_value) as trend

How can i combine both and get a graph i have used appendcols but the graph looks odd

attaching the screen shot

Tags (2)
dashb.png
Preview file
42 KB
0 Karma
Reply

sundareshr
Legend
‎10-18-2016 04:34 AM

Try this

source="C:\\Ping\*" index="ping" sourcetype="pingstats" | rex field=source "(?.*?)$" | lookup pinglookup.csv country OUTPUT router DestinationIP | search router=waterloo | chart values(RTT) as RTT by _time,router | fillnull value=0 | addtotals | trendline sma5(Total) as Trend | fields - Total
0 Karma
Reply
Get Updates on the Splunk Community!

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Unleash Unified Security and Observability with Splunk Cloud Platform

     Now Available on Microsoft AzureThursday, March 27, 2025  |  11AM PST / 2PM EST | Register NowStep boldly ...

Splunk AppDynamics with Cisco Secure Application

Web applications unfortunately present a target rich environment for security vulnerabilities and attacks. ...
Top