I am new to Splunk and I have a requirement as below to show in Splunk dashboard,
- Number of groups created/deleted every day – Grouped Bar Chart, with 30 days as default time range
- Approved / Rejected / Pending requests every day – Stacked Bar chart, with 30 days as default time range.
- Top 10 Approvers in last 30 days – Table (Approver name/email, number of approved/rejected requests)
- Total number of requests placed via packs every day – Bar chart, 30-day time range default
My questions here are,
- How to create a grouped bar chart ? ( i know to create a plain bar chart with a search result in splunk)
- How to create a stacked bar chart ?
- How to calculate the top 10 approvers for 30 days. ( i can find the list of approvers for last 30 days)
- How to calculate the total number of requests everyday ( i can find the logs which match the requests placed, but how to find the total?)
