Solved: Re: How to view percentages in column chart instea...

HeinzWaescher · ‎07-30-2014

Hi,

I'm using a column visualization and the stack mode "100%". It would be nice to have the percentages in the chart instead of total values. Is this possible without calculating the percentages in the search?

BR

Heinz

martin_mueller · ‎08-01-2014

Calculating that in search isn't hard though:

index=_internal | timechart count by sourcetype | addtotals fieldname=_Total | foreach * [eval <<FIELD>> = '<<FIELD>>' * 100 / _Total] | fields - _Total

You can move the addtotals | foreach | fields into a macro and reuse it.

View solution in original post

martin_mueller · ‎08-01-2014

Calculating that in search isn't hard though:

index=_internal | timechart count by sourcetype | addtotals fieldname=_Total | foreach * [eval <<FIELD>> = '<<FIELD>>' * 100 / _Total] | fields - _Total

You can move the addtotals | foreach | fields into a macro and reuse it.

HeinzWaescher · ‎08-04-2014

Awesome, didn't know it can be done so easy. Thanks!

martin_mueller · ‎08-01-2014

I don't think so.

How to view percentages in column chart instead of total values without calculating percentages in search?

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor