Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Bar chart with non-numeric data

b1388035
Explorer
‎01-17-2013 05:09 AM

I'm looking to create a grouped bar chart from data in the following format:

---- ID Results

1: AAA, B321

2: AAA, A918

3: AAA, C391

4: BBB, A918

5: BBB, C391

6: CCC, B321

7: CCC, A918

Essentially I would like to easily visualize which ID has the same results. My idea is to have a bar chart with the IDs listed along the 'X' and then above each ID a 1 unit stacked colour bar representing a result.

If I run a search for:

Results=* | chart Values(Result) by ID

I get the table shown below but the graph view is just axis.

ID ---------Results

AAA---------B321, A918, C391

BBB---------A918, C391

CCC---------B321, A918,

Tags (2)
Reply
1 Solution
Solved! Jump to solution
Solution

cphair
Builder
‎01-17-2013 07:08 AM

Try



... | chart dc(Results) over ID by Results

and make it a stacked bar graph. You may have to set limit=X to see everything if you have a lot of values.

View solution in original post

Reply
Solved! Jump to solution
Solution

cphair
Builder
‎01-17-2013 07:08 AM

Try



... | chart dc(Results) over ID by Results

and make it a stacked bar graph. You may have to set limit=X to see everything if you have a lot of values.

Reply
Solved! Jump to solution

b1388035
Explorer
‎01-17-2013 06:55 AM

The source data is something like:
1: AAA, B321
2: AAA, A918
3: AAA, C391
4: BBB, A918
5: BBB, C391
6: CCC, B321
7: CCC, A918

0 Karma
Reply
Solved! Jump to solution

jkat54
SplunkTrust
SplunkTrust
‎01-17-2013 06:15 AM

I'm not certain that you are providing the source data. It appears you're providing what splunk gives you when you run the search string you've listed. We need the source data that you're running the search string on in order to help you.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...

Deep insights, no barriers: Splunk Observability Cloud Free Edition

As software delivery cycles continue to accelerate, observability shouldn’t be a luxury — it should be a ...

Monitoring AI Agents with Splunk Observability Cloud

Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...