Solved: Bar + line in chart?

robingg · ‎05-14-2020

I have two types of events, where the important data looks like this:

[
  {
    "acknowledged": false,
    "time": 1588289278000,
  },
  {
    "acknowledged": {
      "time": 1588232449000,
      "username": "admin"
    },
    "time": 1588145193000,
  }
]

Per day, I want a bar chart of the count of the events that contains an acknowledge object. I also want to plot a line that contains the average acknowledgement time (acknowledged.time - time).

adonio · ‎05-14-2020

write your query that calculates the average acknowledgement time and the count of events over time then when using the bar chart, click edit and use chart overlay. pick the desired field as overlay line over the bar

View solution in original post

adonio · ‎05-14-2020

write your query that calculates the average acknowledgement time and the count of events over time then when using the bar chart, click edit and use chart overlay. pick the desired field as overlay line over the bar

robingg · ‎05-15-2020

Thanks. Solved the problem

Bar + line in chart?

Your Guide to Splunk Digital Experience Monitoring

Data Management Digest – November 2025

Upcoming Webinar: Unmasking Insider Threats with Slunk Enterprise Security’s UEBA

Join the Conversation

Bar + line in chart?

Your Guide to Splunk Digital Experience Monitoring

Data Management Digest – November 2025

Upcoming Webinar: Unmasking Insider Threats with Slunk Enterprise Security’s UEBA