Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to search in real time and append those values in dashboard?

badrinath
Path Finder
‎05-12-2022 04:48 AM

Hi all, 

whenever I get a new log I wanted to count of the number of logs for the last 5 min and then append it to a graph. but I should be able to see graph of 1whole day

Labels (3)
0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎05-12-2022 06:37 AM

Perhaps something like this?

| timechart span=5m distinct_count(source)

 

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

badrinath
Path Finder
‎05-12-2022 06:59 AM

actually I need to do a real time search and append the results to a graph continuously.

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎05-12-2022 09:36 AM

That's what should happen using the above.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

badrinath
Path Finder
‎05-13-2022 02:43 AM

that's correct  but its creating something like buckets of 10min each like 2:00 to 2:10 and then counting in that time range.

but what I need is as soon as I get data lets say at 2:14 it should count the data from 2:04 to 2:14 and then append the count to graph.

when I get new data at 2:16 again it should count from 2:06 to 2:16 and append the count to graph again.

0 Karma
Reply
Get Updates on the Splunk Community!

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...