- Splunk Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- How do you specify x-axis intervals on ChartView (...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi all,
I am using the object ChartView (type column) however I am not able to set the intervals (units) in axis X for 1 hour.
I am executing the query (timechart span=1h sum("XXXXXX") by "YYYYYY") however the data are being displayed with 4 hours of difference between each unit in AXIS X (Unit tick like 4 AM , 8 AM, 12 PM, 4 PM....).
In the JavaScript I have the below code:
Columnchart = new ChartView({
id: "chart1",
managerid: SearchManager.name,
type: "column",
"charting.axisTitleX.text": "Last hours",
"charting.chart.showDataLabels": "all",
"charting.legend.placement": "none",
"charting.scaleX": 1,
"charting.axisLabelsX.majorLabelVisibility": "show",
"charting.axisLabelsX.majorTickVisibility": "show",
"charting.axisLabelsX.minorTickVisibility": "show",
"charting.axisX.includeZero": true,
"charting.axisY.includeZero": true,
"charting.axisLabelsX.majorUnit": "0H30M0S" ,
"charting.chart.columnSpacing" : 2,
el: $('#modalVizualization')
}).render();
I believe that the property "majorUnit" is responsible for this configuration, riight? But it is not reflecting on the graph.
Thanks and regards,
Danillo Pavan
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
|eval newt=strftime(_time,"%Y-%m-%d %H")
|chart sum(XXXXXX) over newt by YYYYYY
narrow down your search time range to first verify output
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Sukisen, to keep the command "span=1h", i needed to change it to:
bin _time span=1h | eval newt=strftime(_time,"%H:%M")| chart sum(XXXX) over newt by YYYY| rename NULL as YYYYY
Many Many thanks for your support!!!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hi firstly many apologies, I was stuck in some major issues @ work (why does it always happen over weekends :)?) and I did not get time to review your previous comments. I forgot that you were in the first place asking for a split on a per hour basis. The bin options is correct and I could have told you this earlier , had I not been stupid enough to miss it in the first place. Glad to see you figured it out yourself....happy splunking 🙂 🙂
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No problem, Sukisen. Thanks for your Support.
Taking the opportunity...could you please help me with other case? 🙂
My lookup command is not working just via JavaScript..if you execute it in Search Splunk...it is working fine...the question was uploaded in the below URL:
https://answers.splunk.com/answers/583217/why-cant-i-see-results-from-javascript-searchmanag.html
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
|eval newt=strftime(_time,"%Y-%m-%d %H")
|chart sum(XXXXXX) over newt by YYYYYY
narrow down your search time range to first verify output
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Sukisen, many thanks for your asnwer. It is working now!!! The Axis X had changed, however I would like to use the SPAN=1h in the query. It is briging all events and I want to show hour by hour. Is it possible to use the SPAN option for CHART command?
Extending Observability Content to Splunk Cloud
More Control Over Your Monitoring Costs with Archived Metrics!
New in Observability Cloud - Explicit Bucket Histograms
