- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I can't seem to find the right terms to search to find my answer so I'm hoping someone here can help me.
I'm looking for a clean way to do the timechart command when your field values could be 5 or 500,000. With such a large difference it makes plotting them on a map useless for the smaller numbered results. I would do this to a table, but it's nice to have the timechart command show the usage over time and make it a good visual reference.
If you have another way to do this, or another command I should use that would be great.
Thanks,
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Go ahead and use timechart. Change the visualization format for the Y axis to log.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Go ahead and use timechart. Change the visualization format for the Y axis to log.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you, this is exactly what I wanted. I knew it had to be a simple option i just couldn't find.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yw. @GenericSplunkUser - if your question has been answered, then please accept the answer so the question will show as solved.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I thought i had done that, Thanks for the reminder.
