Splunk Search

Adding colors based on search results

garinapavan
Explorer

Hi,

I want to add colors for my search result based on the duration . Any help is appreicated

Here is my search string:

host=abcd source="/acc.log*"
|stats count, perc90(duration), perc95(duration), min(duration), max(duration), avg(duration) by service_name 
| sort -count

Here is what I'm looking for based on duration
If duration is > 1 second then RED
If duration >.075 and <1 second then Yellow
If duration <.075 then Green

My search search returns the below results
alt text

Tags (3)
0 Karma

arobbins_splunk
Splunk Employee
Splunk Employee

There is no built-in solution to this at this time. However, if you download the Splunk 6.x Dashboard Examples App (https://splunkbase.splunk.com/app/1603/) there is an example of how to customize a dashboard to achieve cell coloring.

Get Updates on the Splunk Community!

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud  In today’s fast-paced digital ...

Observability protocols to know about

Observability protocols define the specifications or formats for collecting, encoding, transporting, and ...

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...