Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- How to change the color of columns on a bar chart ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
deanamite91
Explorer
09-15-2015
06:02 AM
I have the following search:
index="commercial_performance" $month_token$ Cat1="Efficiency Variance *" Value!="within *" | stats sum(Value) AS Efficiency by Customer | sort + Efficiency
When the efficiency is < 0, I want to make the columns on the bar chart red, and when the efficiency is > 0, I want to make it green.
Here is the XML:
<panel>
<title>Customer Efficiency</title>
<chart>
<search>
<query>index="commercial_performance" $month_token$ Cat1="Efficiency Variance *" Value!="within *" | stats sum(Value) AS Efficiency by Customer | sort + Efficiency </query>
<earliest>0</earliest>
<latest></latest>
</search>
<option name="charting.chart">bar</option>
<option name="height">550</option>
<option name="charting.fieldColors">{"redValue":0xFF0000,"greenValue":0x73A550}</option>
<option name="charting.axisY2.enabled">undefined</option>
<option name="charting.axisLabelsX.majorLabelStyle.overflowMode">ellipsisNone</option>
<option name="charting.axisLabelsX.majorLabelStyle.rotation">-45</option>
<option name="charting.axisTitleX.visibility">visible</option>
<option name="charting.axisTitleY.visibility">visible</option>
<option name="charting.axisTitleY2.visibility">visible</option>
<option name="charting.axisX.scale">linear</option>
<option name="charting.axisY.scale">linear</option>
<option name="charting.axisY2.scale">inherit</option>
<option name="charting.chart.bubbleMaximumSize">50</option>
<option name="charting.chart.bubbleMinimumSize">10</option>
<option name="charting.chart.bubbleSizeBy">area</option>
<option name="charting.chart.nullValueMode">gaps</option>
<option name="charting.chart.sliceCollapsingThreshold">0.01</option>
<option name="charting.chart.stackMode">default</option>
<option name="charting.chart.style">shiny</option>
<option name="charting.drilldown">all</option>
<option name="charting.layout.splitSeries">0</option>
<option name="charting.legend.labelStyle.overflowMode">ellipsisMiddle</option>
<option name="charting.legend.placement">right</option>
<option name="charting.axisTitleY.text">Efficiency (£)</option>
</chart>
</panel>
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
somesoni2
Revered Legend
09-15-2015
11:49 AM
Try like this
<panel>
<title>Customer Efficiency</title>
<chart>
<search>
<query>index="commercial_performance" $month_token$ Cat1="Efficiency Variance *" Value!="within *" | stats sum(Value) AS Efficiency by Customer | sort + Efficiency | Efficiency_G=if(Efficiency>0,Efficiency,0) | eval Efficiency_R=if(Efficiency_G=0,Efficiency,0) | table Customer Efficiency_* </query>
<earliest>0</earliest>
<latest></latest>
</search>
<option name="charting.chart">bar</option>
<option name="height">550</option>
<option name="charting.fieldColors">{"Efficiency_R":0xFF0000,"Efficiency_G":0x73A550}</option>
<option name="charting.axisY2.enabled">undefined</option>
<option name="charting.axisLabelsX.majorLabelStyle.overflowMode">ellipsisNone</option>
<option name="charting.axisLabelsX.majorLabelStyle.rotation">-45</option>
<option name="charting.axisTitleX.visibility">visible</option>
<option name="charting.axisTitleY.visibility">visible</option>
<option name="charting.axisTitleY2.visibility">visible</option>
<option name="charting.axisX.scale">linear</option>
<option name="charting.axisY.scale">linear</option>
<option name="charting.axisY2.scale">inherit</option>
<option name="charting.chart.bubbleMaximumSize">50</option>
<option name="charting.chart.bubbleMinimumSize">10</option>
<option name="charting.chart.bubbleSizeBy">area</option>
<option name="charting.chart.nullValueMode">gaps</option>
<option name="charting.chart.sliceCollapsingThreshold">0.01</option>
<option name="charting.chart.stackMode">stacked</option>
<option name="charting.chart.style">shiny</option>
<option name="charting.drilldown">all</option>
<option name="charting.layout.splitSeries">0</option>
<option name="charting.legend.labelStyle.overflowMode">ellipsisMiddle</option>
<option name="charting.legend.placement">right</option>
<option name="charting.axisTitleY.text">Efficiency (£)</option>
</chart>
</panel>
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
somesoni2
Revered Legend
09-15-2015
11:49 AM
Try like this
<panel>
<title>Customer Efficiency</title>
<chart>
<search>
<query>index="commercial_performance" $month_token$ Cat1="Efficiency Variance *" Value!="within *" | stats sum(Value) AS Efficiency by Customer | sort + Efficiency | Efficiency_G=if(Efficiency>0,Efficiency,0) | eval Efficiency_R=if(Efficiency_G=0,Efficiency,0) | table Customer Efficiency_* </query>
<earliest>0</earliest>
<latest></latest>
</search>
<option name="charting.chart">bar</option>
<option name="height">550</option>
<option name="charting.fieldColors">{"Efficiency_R":0xFF0000,"Efficiency_G":0x73A550}</option>
<option name="charting.axisY2.enabled">undefined</option>
<option name="charting.axisLabelsX.majorLabelStyle.overflowMode">ellipsisNone</option>
<option name="charting.axisLabelsX.majorLabelStyle.rotation">-45</option>
<option name="charting.axisTitleX.visibility">visible</option>
<option name="charting.axisTitleY.visibility">visible</option>
<option name="charting.axisTitleY2.visibility">visible</option>
<option name="charting.axisX.scale">linear</option>
<option name="charting.axisY.scale">linear</option>
<option name="charting.axisY2.scale">inherit</option>
<option name="charting.chart.bubbleMaximumSize">50</option>
<option name="charting.chart.bubbleMinimumSize">10</option>
<option name="charting.chart.bubbleSizeBy">area</option>
<option name="charting.chart.nullValueMode">gaps</option>
<option name="charting.chart.sliceCollapsingThreshold">0.01</option>
<option name="charting.chart.stackMode">stacked</option>
<option name="charting.chart.style">shiny</option>
<option name="charting.drilldown">all</option>
<option name="charting.layout.splitSeries">0</option>
<option name="charting.legend.labelStyle.overflowMode">ellipsisMiddle</option>
<option name="charting.legend.placement">right</option>
<option name="charting.axisTitleY.text">Efficiency (£)</option>
</chart>
</panel>
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
deanamite91
Explorer
09-16-2015
02:21 AM
Apart from missing out an eval it worked perfectly!
Thank you!
Get Updates on the Splunk Community!
Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...
If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...
Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions
Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...
Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...
Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...
