Splunk Search

Adding colors based on search results

garinapavan
Explorer

Hi,

I want to add colors for my search result based on the duration . Any help is appreicated

Here is my search string:

host=abcd source="/acc.log*"
|stats count, perc90(duration), perc95(duration), min(duration), max(duration), avg(duration) by service_name 
| sort -count

Here is what I'm looking for based on duration
If duration is > 1 second then RED
If duration >.075 and <1 second then Yellow
If duration <.075 then Green

My search search returns the below results
alt text

Tags (3)
0 Karma

arobbins_splunk
Splunk Employee
Splunk Employee

There is no built-in solution to this at this time. However, if you download the Splunk 6.x Dashboard Examples App (https://splunkbase.splunk.com/app/1603/) there is an example of how to customize a dashboard to achieve cell coloring.

Register for .conf21 Now! Go Vegas or Go Virtual!

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.