Hi Team,
Following is my data:
| SS | TT | DT | DA | LT | LA | TO | TA |
| a | xxx | 4 | 3 | 2 | 3 | 7 | 6 |
| a | yyy | 2 | 2 | 2 | 3 | 4 | 5 |
| b | xxx | 1 | 1 | 1 | 1 | 3 | 3 |
| b | yyy | 1 | 1 | 1 | 1 | 1 | 1 |
following is the graph i can populate in excel
Following is the graph I was able to populate in splunk
My problem is I can "SS" written in the Splunk graph, also I can see "a" "b" written in the graph....but along from these i also need "xxx" "yyy" to appear as legend under all 4 graphs.
how can we do that?
MY QUERY FOR DATA
|stats sum(* ) by SS,TT
|foreach sum* [eval <<FIELD>> = round(('<<FIELD>>' * 1000),2) ]
|rename sum(*) as *
|stats values(*) by SS,TT
|rename values(*) as *
|table SS,TT,DT,DA,LT,LA,TO,TA
1 Solution
