Splunk Search

Help with a pie chart search?

daniel333
Builder

All,

I have a relatively simple search but I am tripping over it for some reason.

I want a pie chart of all hosts in my company. Any host with package="telnet*" as red and those without in blue. Any idea how I'd get that search working?

0 Karma

adonio
Ultra Champion

hello there,

try this code anywhere, it will create a 50/50 ratio pie chart.

| makeresults count=30
| eval package_prefix = "telnet;blah"
| makemv delim=";" package_prefix
| mvexpand package_prefix
| eval random = if(package_prefix="telnet",random()%400,random()%50)
| eval package = package_prefix."-".random
| eval add = "computer"
| streamstats count as record_number
| eval host = "computer"."-".record_number
| rename COMMENT as "above generates fake results, below is your solution"
| rename COMMENT as "here we will use the eval LIKE function"
| eval host_group = if(package like "telnet%","tel","other")
| stats dc(host) as u_host by host_group

please excuse me as I didn't save as a dashboard so I can show how to use the XML code to hardcode red and blue, but you can use similar answers here to accomplish that task, here for example:
https://answers.splunk.com/answers/563888/how-to-change-default-color-charts.html


0 Karma
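A Simple XML panel that hardcodes the two colors, as an added example that is not part of the original answer. The index and sourcetype are placeholders, and the `host` and `package` field names are assumed from the thread. It also goes one step beyond the answer's search by classifying per host first, so a host that has telnet plus other packages is counted only in the "tel" slice.

```xml
<dashboard>
  <label>Hosts with telnet packages</label>
  <row>
    <panel>
      <chart>
        <title>Hosts by telnet package presence</title>
        <search>
          <!-- YOUR_INDEX / YOUR_PACKAGE_SOURCETYPE are placeholders for
               wherever your package inventory events live. -->
          <!-- Step 1: one row per host, has_telnet=1 if ANY of its
               package values starts with "telnet".
               Step 2: label the host, then count distinct hosts per label. -->
          <query><![CDATA[
index=YOUR_INDEX sourcetype=YOUR_PACKAGE_SOURCETYPE package=*
| stats max(eval(if(like(package, "telnet%"), 1, 0))) as has_telnet by host
| eval host_group = if(has_telnet == 1, "tel", "other")
| stats dc(host) as u_host by host_group
          ]]></query>
          <earliest>-24h@h</earliest>
          <latest>now</latest>
        </search>
        <option name="charting.chart">pie</option>
        <!-- Colors are keyed on the host_group values produced above:
             red for hosts with a telnet package, blue for the rest. -->
        <option name="charting.fieldColors">{"tel": 0xFF0000, "other": 0x0000FF}</option>
      </chart>
    </panel>
  </row>
</dashboard>
```

Hosts that sent no package events in the time range do not appear in either slice, so the "other" count covers only hosts that actually report inventory.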