Splunk Search

Example of a bubble chart

raoul
Path Finder

Is there an example of the correct xml syntax to use to define a bubble chart in a dashboard? I cannot find one in the manuals.

Tags (2)
1 Solution

raoul
Path Finder

Managed to puzzle it out, here is my example:

    <chart>
      <searchString>
sourcetype="transactions"  
  | bucket _time span=1h
  | stats count(eval(Rsp!="00")) as declines, count by _time, Region
  | eval pct=round((declines/count) * 100, 2)
  | table Region, _time, pct, declines
      </searchString>
      <title>Percentage declines by Region, last 48h</title>
      <earliestTime>-48h@h</earliestTime>
      <latestTime>now</latestTime>
      <option name="charting.chart">bubble</option>
    </chart>

View solution in original post

woodcock
Esteemed Legend
0 Karma

raoul
Path Finder

Managed to puzzle it out, here is my example:

    <chart>
      <searchString>
sourcetype="transactions"  
  | bucket _time span=1h
  | stats count(eval(Rsp!="00")) as declines, count by _time, Region
  | eval pct=round((declines/count) * 100, 2)
  | table Region, _time, pct, declines
      </searchString>
      <title>Percentage declines by Region, last 48h</title>
      <earliestTime>-48h@h</earliestTime>
      <latestTime>now</latestTime>
      <option name="charting.chart">bubble</option>
    </chart>

renuka13
Explorer



sourcetype="E:\New Folder\voice_cdr_1mil.csv" NOT "CallingCellID" TerminationReason!=1 |
|bucket TimeStamp span=5h|
eval Base_Transceiver_Station_Code=substr(CallingCellID,11,4) |
join Base_Transceiver_Station_Code [search source="E:\New Folder\BTS_Information2.txt"] |
table TERRITORY,TimeStamp,TerminationReason

bubble

i am joining two files here and the result i need as bubble chart but i am not getting any output .. is this code is correct? please help me out

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) v3.54.0

The Splunk Threat Research Team (STRT) recently released Enterprise Security Content Update (ESCU) v3.54.0 and ...

Using Machine Learning for Hunting Security Threats

WATCH NOW Seeing the exponential hike in global cyber threat spectrum, organizations are now striving more for ...

New Learning Videos on Topics Most Requested by You! Plus This Month’s New Splunk ...

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...