Dashboards & Visualizations

Splunk dashboard (I wanted to update all 3 alert(critical, major and minor) in same column- Can anyone help with this?

AShwin1119
Explorer

AShwin1119_0-1663217687280.png

I wanted to update all 3 alert(critical, major and minor) in same column can any one help in these. @splunk @Anonymous @Splunx @Anonymous 

Labels (1)
0 Karma
1 Solution

bowesmana
SplunkTrust
SplunkTrust

Use

|chart count over dv_assignment_group by priority

rather than stats and stack the bar chart

View solution in original post

bowesmana
SplunkTrust
SplunkTrust

You want a stacked bar chart - go to Vizualisation/Format/Stacked Mode and select stacked

0 Karma

AShwin1119
Explorer

I used query.

index=generic_servicenow dv_sys_created_by=system sourcetype="snow:incident" dv_caller_id="Event Management"
|stats count by dv_assignment_group priority
|sort dv_assignment_group

 

but here for priority and count is showing different bar. 

I want same bar for priority P2, P3 and P4 with different color in the dashboard similar to the screenshot which I have attached. 

0 Karma

bowesmana
SplunkTrust
SplunkTrust

Use

|chart count over dv_assignment_group by priority

rather than stats and stack the bar chart

vinod743374
Communicator

Hi,

Can you please elaborate your question little more,
Do you need the solution like in the image u shown ?? 

0 Karma

AShwin1119
Explorer

I used query.

index=generic_servicenow dv_sys_created_by=system sourcetype="snow:incident" dv_caller_id="Event Management"
|stats count by dv_assignment_group priority
|sort dv_assignment_group

 

but here for priority and count is showing different bar. 

I want same bar for priority P2, P3 and P4 with different color in the dashboard similar to the screenshot which I have attached. 

 

0 Karma

AShwin1119
Explorer

yes

 

0 Karma
Get Updates on the Splunk Community!

See just what you’ve been missing | Observability tracks at Splunk University

Looking to sharpen your observability skills so you can better understand how to collect and analyze data from ...

Weezer at .conf25? Say it ain’t so!

Hello Splunkers, The countdown to .conf25 is on-and we've just turned up the volume! We're thrilled to ...

How SC4S Makes Suricata Logs Ingestion Simple

Network security monitoring has become increasingly critical for organizations of all sizes. Splunk has ...