Knowledge Management
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

User Navigation flow

reverse
Contributor
‎05-24-2019 07:02 PM

In my logs - I have session id and page id ..

I want to see users' Navigation chart..
Please guide.

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

DavidHourani
Super Champion
‎05-25-2019 03:19 AM

Hi @reverse,

Sankey can be found here :
https://splunkbase.splunk.com/app/3112/

And resources on how to use it is here :
https://docs.splunk.com/Documentation/SankeyDiagram/1.3.0/SankeyDiagramViz/SankeyIntro

Do you need help writing your SPL ?

Cheers,
David

View solution in original post

Reply
Solved! Jump to solution
Solution

DavidHourani
Super Champion
‎05-25-2019 03:19 AM

Hi @reverse,

Sankey can be found here :
https://splunkbase.splunk.com/app/3112/

And resources on how to use it is here :
https://docs.splunk.com/Documentation/SankeyDiagram/1.3.0/SankeyDiagramViz/SankeyIntro

Do you need help writing your SPL ?

Cheers,
David

Reply
Solved! Jump to solution

reverse
Contributor
‎05-25-2019 07:03 AM

Yes please

0 Karma
Reply
Solved! Jump to solution

DavidHourani
Super Champion
‎05-26-2019 12:09 AM

Hi @reverse, sure thing, please share one line of logs as an example so we can build your search for Sankey. As shown here :
https://docs.splunk.com/Documentation/SankeyDiagram/1.3.0/SankeyDiagramViz/SankeySearchDataFormat
your search should look like this : 

... | stats <stats_function>(<size_field>) [<stats_function>(<color_field>)] by <source_category_field> <target_category_field>
Reply
Solved! Jump to solution

DavidHourani
Super Champion
‎05-25-2019 12:32 AM

Hi @reverse, what do you need the chart to look like ?

0 Karma
Reply
Solved! Jump to solution

reverse
Contributor
‎05-25-2019 02:43 AM

Like sankey

0 Karma
Reply
Solved! Jump to solution

niketn
Legend
‎05-25-2019 10:36 PM

@reverse you will have to provide more details like your data sample and existing query for us to assist you better. Please mock/anonymize any sensitive information.

The Sankey Custom Visualization also comes with sample query which you can refer to, in order to come up with your own query.

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma
Reply
Get Updates on the Splunk Community!

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...

[Live Demo] Watch SOC transformation in action with the reimagined Splunk Enterprise ...

Overwhelmed SOC? Splunk ES Has Your Back Tool sprawl, alert fatigue, and endless context switching are making ...

What’s New & Next in Splunk SOAR

Security teams today are dealing with more alerts, more tools, and more pressure than ever.  Join us on ...