Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to represent data in piechart/Linechart which I received by using REST API

rupesh_patil20
Path Finder
‎08-31-2015 05:28 AM

My data after search has following columns along with the other columns as below

MLS_Number Count
1129078 1
1248955 1
1290591 2
1379041 1
2035500 3
2146693 1
2177466 4
2208748 1
2362548 1
3040705 1
3047234 3
4638653 2

so, on Y-axis it will show Count as 1, 2, 3 and 4
on X- axis I want count of MLS_Number, with respect to Count 1, 2,3,4

eg. here there are 7 records for the count = 1
similarly 2 records for Count = 2 in a such way .. i want to display the data.
Please help me with this..
Thanks Buddy...!!

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

somesoni2
Revered Legend
‎08-31-2015 08:26 AM

Try something like this

your current search generating MLS_Number Count as shown in ques | stats count(MLS_Number) as MLSNumber by Count

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

somesoni2
Revered Legend
‎08-31-2015 08:26 AM

Try something like this

your current search generating MLS_Number Count as shown in ques | stats count(MLS_Number) as MLSNumber by Count
0 Karma
Reply
Solved! Jump to solution

rupesh_patil20
Path Finder
‎08-31-2015 10:32 PM

Hi Somesoni2,

I tried your query and I got the result but the problem arose now is it is giving me repetitive count, for example here there are 7 records for the count = 1, but in the result the count shown as 98550. As I am using REST API for input.. so may be it updates the data continuously.
Can you help me with time stamp, like how I can add it in search to get the exact data.

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...