Solved: How to create stacked bar chart for http/https?

jrich523 · ‎04-14-2010

is it possible to do a stacked bar chart where it splits it in two to show how much is https requests and how much is http requests?

gkanapathy · ‎04-14-2010

You must make sure you have an extraction on your data to differentiate the two, but you would simply do:

sourcetype=whatever | chart count by ssl_type

where ssl_type might be the field that contains, say, the inbound port number or a search-time extraction of the incoming URL request, assuming that is logged.

View solution in original post

BunnyHop · ‎04-15-2010

Try this search:

sourcetype=whatever | chart count(ssl_type) over protocol by ssl_type

gkanapathy · ‎04-14-2010

You must make sure you have an extraction on your data to differentiate the two, but you would simply do:

sourcetype=whatever | chart count by ssl_type

where ssl_type might be the field that contains, say, the inbound port number or a search-time extraction of the incoming URL request, assuming that is logged.

How to create stacked bar chart for http/https?

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL

Buttercup Games: Further Dashboarding Techniques (Part 5)

Customers Increasingly Choose Splunk for Observability