Solved: Splunk dashboard (I wanted to update all 3 alert(c...

AShwin1119 · ‎09-14-2022

I wanted to update all 3 alert(critical, major and minor) in same column can any one help in these. @splunk @BSplunk @Splunx @ASplunk

bowesmana · ‎09-15-2022

Use

|chart count over dv_assignment_group by priority

rather than stats and stack the bar chart

View solution in original post

bowesmana · ‎09-14-2022

You want a stacked bar chart - go to Vizualisation/Format/Stacked Mode and select stacked

AShwin1119 · ‎09-15-2022

I used query.

index=generic_servicenow dv_sys_created_by=system sourcetype="snow:incident" dv_caller_id="Event Management"
|stats count by dv_assignment_group priority
|sort dv_assignment_group

but here for priority and count is showing different bar.

I want same bar for priority P2, P3 and P4 with different color in the dashboard similar to the screenshot which I have attached.

bowesmana · ‎09-15-2022

Use

|chart count over dv_assignment_group by priority

rather than stats and stack the bar chart

vinod743374 · ‎09-14-2022

Hi,

Can you please elaborate your question little more,
Do you need the solution like in the image u shown ??

AShwin1119 · ‎09-15-2022

I used query.

index=generic_servicenow dv_sys_created_by=system sourcetype="snow:incident" dv_caller_id="Event Management"
|stats count by dv_assignment_group priority
|sort dv_assignment_group

but here for priority and count is showing different bar.

I want same bar for priority P2, P3 and P4 with different color in the dashboard similar to the screenshot which I have attached.

AShwin1119 · ‎09-15-2022

yes

Splunk dashboard (I wanted to update all 3 alert(critical, major and minor) in same column- Can anyone help with this?

Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics!

New in Observability Cloud - Explicit Bucket Histograms