@kpavan you have following 2 options:
Option 1 : Splunk built in Chart Event Annotation: https://docs.splunk.com/Documentation/Splunk/latest/Viz/ChartEventAnnotations
Option 2 : Region Chart Custom Visualization by @chrisyounger : https://splunkbase.splunk.com/app/4911/
Following is a run anywhere example for both examples above. The example assumes maintenance window every Sunday from 8:00 PM to midnight.
PS: For the second option to work you would need to get Region Chart custom visualization from Splunkbase.
<dashboard theme="light">
<label>Maintenance Window</label>
<row>
<panel>
<title>Option 1: Maintenance Window using Splunk Chart Event Annotation</title>
<chart>
<search type="annotation">
<query>| makeresults
| addinfo
| eval _time=split($tokEarliestTime|s$."|".$tokLatestTime|s$,"|")
| stats count by _time
| timechart count span=1h
| fields - count
| eval isMaintenanceWindow=if(strftime(_time,"%a")=="Sun" AND tonumber(strftime(_time,"%H"))>20,"Maintenance Window Sunday 8:00 PM - 11:59 PM","Regular")
| search isMaintenanceWindow="Maintenance Window Sunday 8:00 PM - 11:59 PM"
| eval annotation_label=isMaintenanceWindow</query>
</search>
<search>
<query>index=_internal sourcetype=splunkd log_level=WARN
| timechart count as ERRORS span=1h
| fillnull value=0 ERRORS</query>
<earliest>-15d@d</earliest>
<latest>now</latest>
<sampleRatio>1</sampleRatio>
<progress>
<eval token="tokEarliestTime">strptime($job.earliestTime$,"%Y-%m-%dT%H:%M:%S.%3N%z")</eval>
<eval token="tokLatestTime">strptime($job.latestTime$,"%Y-%m-%dT%H:%M:%S.%3N%z")</eval>
</progress>
</search>
<!-- Secondary search that drives the annotations -->
<option name="charting.axisTitleX.visibility">collapsed</option>
<option name="charting.axisTitleY.visibility">collapsed</option>
<option name="charting.chart">line</option>
<option name="charting.legend.placement">none</option>
<option name="refresh.display">progressbar</option>
</chart>
</panel>
</row>
<row>
<panel id="panel_chart_error_trend">
<title>Option 2: Maintenance Window using Region Chart Custom Visualization</title>
<viz type="region_chart_viz.region_chart_viz">
<search>
<progress>
<eval token="tokEarliestTime">strptime($job.earliestTime$,"%Y-%m-%dT%H:%M:%S.%3N%z")</eval>
<eval token="tokLatestTime">strptime($job.latestTime$,"%Y-%m-%dT%H:%M:%S.%3N%z")</eval>
</progress>
<query>index=_internal sourcetype=splunkd log_level=WARN
| timechart count as ERRORS span=1h
| fillnull value=0 ERRORS
| eval regions=if(strftime(_time,"%a")=="Sun" AND tonumber(strftime(_time,"%H"))>20,"Maintenance Window Sunday 8:00 PM - 11:59 PM=red","")</query>
<earliest>-15d@d</earliest>
<latest>now</latest>
<sampleRatio>1</sampleRatio>
</search>
<option name="drilldown">all</option>
<option name="refresh.display">progressbar</option>
</viz>
</panel>
</row>
</dashboard>
