How to reordering the chart columns fields?

kkarthik2 · ‎08-06-2015

My chart columns is in time format and its showing each column represent per hours and starts from 00:00:00 to 24:00:00.
But I want to reordering the column from 9:00:00 to 8:00:00.
Example : Required the below format
column1 column2 column3 column4 column5..........................................column23 column 24
X 9:00:00 10:00:00 11:00:00 12:00:00 13:00:00..........................................07:00:00 08:00:00
foo foo1 foo1 foo1 foo1 foo1

but its showing like

              column1    column2         column3        column4    column5..........................................column23    column 24

X 00:00:00 1:00:00 2:00:00 3:00:00 4:00:00.......................................... 23:00:00 24:00:00
foo foo1 foo1 foo1 foo1 foo1

Mychart command

chart values(foo) by X column

Please provide me the solution

somesoni2 · ‎08-06-2015

If your column names are fixed, you can just issue a table command at the end of your search to change the column ordering. Something like this-

Your base search | chart values(foo) by X column | table X "9:00:00" "10:00:00" "11:00:00" "12:00:00" "13:00:00" .........................................."07:00:00" "08:00:00"

How to reordering the chart columns fields?

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!