Solved: How I can chart dates in a timechart

RobertRi · ‎02-05-2013

Hi

I hope I can explain my issue.

My logfile data looks like this
Thread, Milliseconds, Command which was executed

thread1 372  command
thread2 4472 command
thread1 2292 command

Now I want to have a chart or timechart to display for each day, each thread and the summarized time
A possible solution is

| timechart span=1d sum(Milliseconds) by Thread

but I want to display these summarized Milliseconds in a human readable format like HH:MM:SS.

How can I do this or is it even possible?

Update:

How can I modify a stats statement, so that I get as list header the different headers?

Thanks for your help
Robert

jtworzydlo · ‎02-05-2013

xiaoyuandlg · ‎01-10-2014

Nice to see the answer, exactly solved my question!

jtworzydlo · ‎02-05-2013

RobertRi · ‎02-06-2013

how can I format the output to get the threads as heading?
I made this only with the timechart function, but is it possible with stats too?

jtworzydlo · ‎02-05-2013

maybe you can combine "bucket" and "stats" to achieve the same thing?
like:
bucket _time span=1d | stats sum(Milliseconds) by Thread

RobertRi · ‎02-05-2013

Thanks for your answer.

This works well if I use the stats command but I want to use the timechart command to have the output in the following order

Time Thread1 Thread2 Thread3
2013/2/5 1:45:23 00:00:42 00:07:59
2013/2/4 00:00:00 01:00:21 10:00:01

How I can chart dates in a timechart