Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

a very simple query with two data

rpachecoa
New Member
‎08-23-2020 09:13 PM

hello Guys,

I'm very very noob using Splunk, I have a very simple log file  which contains 5 columns of data:

bloque1 | 2020-04-01| 05:39:35.407 | 09:14:34.398 | 03:34:58.991
bloque1 | 2020-04-02| 03:50:29.469 | 07:26:32.869 | 03:36:03.4
bloque1 | 2020-04-03| 04:09:47.659 | 08:05:38.248 | 03:55:50.589
bloque1 | 2020-04-04| 04:49:51.142 | 08:37:40.141 | 03:47:48.999
bloque1 | 2020-04-05| 05:27:43.616 | 09:06:23.898 | 03:38:40.282
bloque1 | 2020-04-06| 06:51:08.264 | 10:27:12.113 | 03:36:03.849
bloque1 | 2020-04-07| 04:05:32.292 | 07:54:32.055 | 03:48:59.763

etc, I am trying to graph the second field with the last field.

The second field is the day of execution of a process and the last field is the average execution time  of that process.  I just want a graph that places the value of the execution date on "x" axis and the average time per day on the "y" Axis. 

But I only get a straight line graph with the event count per day. 

Could you help me with the query or the necessary steps to be able to obtain the graph I want. I greatly appreciate the support and your comments.

 

0 Karma
Reply

Nisha18789
Builder
‎08-23-2020 10:43 PM

Hi @rpachecoa , assuming execution date field name as execution_date and avg execution time as avg_exec_time and process name as process

......| chart values(avg_exec_time) by process over execution_date 

please upvote if it helps!

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...