Re: Monthly Graph not showing proper value on X ax...

hanibans · ‎08-12-2019

I am creating monthly chart using splunk timechart query as shown below:

index="sample_audit_log" | timechart span=1mon dc(username) as TOTAL_USERS

In statistics tab, results are showing proper months like 2019-07, 2019-08 but in visualization line chart, months are displaying wrong date June 30, 2019 6:30 PM and July 30, 2019 6:30 PM respectively.

In Statistics Tab:

In Visualization Tab:

It is displaying wrong date for every month. Example for July month, it is showing 30th June date.

Any suggestions would really be helpful and appreciable.

niketn · ‎08-12-2019

@hanibans what is the timezone of logged in user? Can you set the same to UTC and see?

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"

Sukisen1981 · ‎08-12-2019

hi @hanibans
This is weird, yet your screen shot supports your statement. Assuming you have access to the _audit index, can you please run this query as is for all time range or last 3 months and tell us if you still see the same issue?

index="_audit" | timechart span=1mon dc(action) as TOTAL_ACTIONS

hanibans · ‎08-12-2019

@Sukisen1981 I am facing same issue for longer time duration. I tried running same query for 3 months and 6 months.

On Mouse hover, it is showing date of last month.

Sukisen1981 · ‎08-12-2019

uhh @hanibans - check out what @niketnilay says , the reason i asked you to try this was I was doubting what niket is saying, doesn't look like an issue with search duration, try tinkering with the timezones

Monthly Graph not showing proper value on X axis

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor