Solved: How to create stacked bar chart for http/https?

jrich523 · ‎04-14-2010

is it possible to do a stacked bar chart where it splits it in two to show how much is https requests and how much is http requests?

gkanapathy · ‎04-14-2010

You must make sure you have an extraction on your data to differentiate the two, but you would simply do:

sourcetype=whatever | chart count by ssl_type

where ssl_type might be the field that contains, say, the inbound port number or a search-time extraction of the incoming URL request, assuming that is logged.

View solution in original post

BunnyHop · ‎04-15-2010

Try this search:

sourcetype=whatever | chart count(ssl_type) over protocol by ssl_type

gkanapathy · ‎04-14-2010

You must make sure you have an extraction on your data to differentiate the two, but you would simply do:

sourcetype=whatever | chart count by ssl_type

where ssl_type might be the field that contains, say, the inbound port number or a search-time extraction of the incoming URL request, assuming that is logged.

How to create stacked bar chart for http/https?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future

Join the Conversation