Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Multi-Axis timechart

schlapfer
New Member
‎10-09-2013 11:22 AM

I am wanting to timechart total logins, login failures, and failure rate on a mult-axis graph. So time across the bottom, with total logins/login failures stacked and shown on 1 y-axis, and the failure rate percentage on the other y-axis. I can calculate the 3 values with the following search ... just not sure how to do the timechart with multi-axis for the logins and percentage series.

index=logins | stats count(eval(Login_Result="FAILED")) AS failed, count(eval(Login_Result)) AS total_logins | eval failure_rate=((failed/total_logins)*100) | eval failure_rate=round(failure_rate,2)

Tags (1)
0 Karma
Reply

alacercogitatus
SplunkTrust
SplunkTrust
‎10-10-2013 04:28 AM

index=logins | bin _time span=10m | stats count(eval(Login_Result="FAILED")) AS failed, count(eval(Login_Result)) AS total_logins by _time | eval failure_rate=round(((failed/total_logins)*100),2)

This should give you some time-based data to graph with. A Column Chart might work.

0 Karma
Reply
Get Updates on the Splunk Community!

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...

September Community Champions: A Shoutout to Our Contributors!

As we close the books on another fantastic month, we want to take a moment to celebrate the people who are the ...

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...