Solved: Re: Bar chart with non-numeric data

b1388035 · ‎01-17-2013

I'm looking to create a grouped bar chart from data in the following format:

---- ID Results

1: AAA, B321

2: AAA, A918

3: AAA, C391

4: BBB, A918

5: BBB, C391

6: CCC, B321

7: CCC, A918

Essentially I would like to easily visualize which ID has the same results. My idea is to have a bar chart with the IDs listed along the 'X' and then above each ID a 1 unit stacked colour bar representing a result.

If I run a search for:

Results=* | chart Values(Result) by ID

I get the table shown below but the graph view is just axis.

ID ---------Results

AAA---------B321, A918, C391

BBB---------A918, C391

CCC---------B321, A918,

cphair · ‎01-17-2013

Try



... | chart dc(Results) over ID by Results

and make it a stacked bar graph. You may have to set limit=X to see everything if you have a lot of values.

View solution in original post

cphair · ‎01-17-2013

Try



... | chart dc(Results) over ID by Results

and make it a stacked bar graph. You may have to set limit=X to see everything if you have a lot of values.

b1388035 · ‎01-17-2013

The source data is something like:
1: AAA, B321
2: AAA, A918
3: AAA, C391
4: BBB, A918
5: BBB, C391
6: CCC, B321
7: CCC, A918

jkat54 · ‎01-17-2013

I'm not certain that you are providing the source data. It appears you're providing what splunk gives you when you run the search string you've listed. We need the source data that you're running the search string on in order to help you.

Bar chart with non-numeric data

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics!

New in Observability Cloud - Explicit Bucket Histograms