Dashboards & Visualizations
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Using Chart Visualisation in classic dashboard need show result in Y-axis

siva_kumar0147
Explorer
‎11-28-2024 02:30 AM

Hi all,

I am having two fields as eventfield2and eventfield3with values of eventfield3= LHCP , RHCP ,LHCP & values of eventfield2= RHCP , RHCP ,LHCP . I want a result like as shown .

siva_kumar0147_0-1732789623367.png         Thanks for your time in advance.

 

 

 

Labels (2)
Labels
0 Karma
Reply

tscroggins
Influencer
‎11-28-2024 09:33 AM

Hi @siva_kumar0147,

The simplest solution is to use the Timeline visualization. You'll need to calculation durations in milliseconds between transitions:

| makeresults format=csv data="_time,direction,polarization
1732782870,TX,L
1732782870,RX,R
1732781700,TX,R
1732781700,RX,L"
| sort 0 - _time + direction
| eval polarization=case(polarization=="L", "LHCP", polarization=="R", "RHCP")
| streamstats global=f window=2 first(_time) as end_time by direction
| addinfo
| eval duration=if(end_time==_time, 1000*(info_max_time-_time), 1000*(end_time-_time))
| table _time direction polarization duration

tscroggins_0-1732815134381.png

 

Reply

siva_kumar0147
Explorer
‎12-05-2024 08:55 AM

@tscroggins Thanks for your answer and spending your time, even if we use makeresults , at every point we need to  mention that CSV data ? 

 

0 Karma
Reply

tscroggins
Influencer
‎12-07-2024 08:19 AM

Hi @siva_kumar0147,

No, I only use makeresults to generate sample data. The logic from the sort command down drives the visualization.

0 Karma
Reply

ITWhisperer
SplunkTrust
SplunkTrust
‎11-28-2024 03:16 AM

Charts have numeric scales for the y-axis except things like bubble charts but then the values are numeric so it is unlikely that you can get a chart as you proposed - what are you trying to show (there may be alternative ways of representing the data)

0 Karma
Reply

siva_kumar0147
Explorer
‎12-05-2024 08:52 AM

@ITWhisperer thanks for your time , we can replace L & R values with some number like L as 9 and R as 10
, then we can make it visualise.  

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...