Solved: How to create multiple radial gauges from a singel...

v920998 · ‎12-03-2013

I have a query that produces 4 field values. I am looking for a way to use thae gauge command to create multiple gauges, one for each result field of the query?

MuS · ‎12-03-2013

Hi v920998,

you can use PostProcess for this in your dashboard, build a base search to provide a set of base events and use this set in PostProcess.

Here is a perfect Example for this: Use one search for a whole dashboard

Most important for this is that your base search facilitates either a summary indexing command like:

sistats
sitimechart
sitop
sichart
sirare

or you use primary reporting commands, such as stat, timechart, top, chart, and rare.

hope this helps ...

cheers, MuS

View solution in original post

MuS · ‎12-03-2013

Hi v920998,

you can use PostProcess for this in your dashboard, build a base search to provide a set of base events and use this set in PostProcess.

Here is a perfect Example for this: Use one search for a whole dashboard

Most important for this is that your base search facilitates either a summary indexing command like:

sistats
sitimechart
sitop
sichart
sirare

or you use primary reporting commands, such as stat, timechart, top, chart, and rare.

hope this helps ...

cheers, MuS

How to create multiple radial gauges from a singel query?

Fueling your curiosity with new Splunk ILT and eLearning courses

Splunk AI Assistant for SPL 1.1.0 | Now Personalized to Your Environment for Greater ...

Unleash Unified Security and Observability with Splunk Cloud Platform