Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Changing timechart X axis

appleman
Contributor
‎12-25-2013 11:25 PM

Hello,

I want to change X axis on timechart, so I created a dashboard, and added the following option.

My search: index=test sourcetype=type | timechart span=5m sum(A) as A sum(B) as B sum(C) as C sum(D) as D

1
P0Y0M0DT2H0M0S

However, X axis still follows the splunk default auto settings which is 6hours or 4hours.
What else do I need to add on this dashboard to change X axis?

Thank you.

タイムチャートコマンドを利用したサーチで、縦棒グラフをダッシュボードに作成したのですが、下記の設定を加えてもX軸が上手く設定変更されません。
これ以外に何か加える設定等はございますでしょうか。

サーチ文:index=test sourcetype=type | timechart span=5m sum(A) as A sum(B) as B sum(C) as C sum(D) as D

1
P0Y0M0DT2H0M0S

0 Karma
Reply

melonman
Motivator
‎02-27-2014 05:28 AM

How about this?

index=_internal earliest=-24h@h latest=@h component="Metrics" group="tpool" 
| bucket _time span=1h 
| stats max(workers) as A avg(workers) as B  median(workers) as C stdev(workers) as D by _time 
| rename _time as time 
| eval time=strftime(time, "%Y/%m/%d %H:%M")

alt text

Reply

appleman
Contributor
‎12-26-2013 07:29 PM

Thank you for sharing.
I've converted my simple xml to advanced, but it didn't work.

0 Karma
Reply

somesoni2
Revered Legend
‎12-26-2013 04:54 AM

Have look at this post, which has similar requirements...
http://answers.splunk.com/answers/109435/timechart-x-axis-tick-marks-every-month?page=1&focusedAnswe...

0 Karma
Reply
Get Updates on the Splunk Community!

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...