Solved: additional info on timechart

indeed_2000 · ‎11-22-2021

Hi

I need to show id1,id2 on timechart

have table with these columns:

index="myindex" | table duration servername id1 id2

duration Time servername id1 id2
2.643000 2021-22-11 18:30:45 Server1 111 32
2.009000 2021-22-11 18:30:45 Server2 321 72

need to create timechart that show durations by servernames and additional column data id1, id2

Any idea?
Thanks

ITWhisperer · ‎11-22-2021

This is not possible with the standard timechart because you have too many dimensions, time, servername, duration, id1 and id2. You can do it with 3 dimensions e.g. time, servername and one of duration, id1, id2

| xyseries Time servername duration

View solution in original post

ITWhisperer · ‎11-22-2021

This is not possible with the standard timechart because you have too many dimensions, time, servername, duration, id1 and id2. You can do it with 3 dimensions e.g. time, servername and one of duration, id1, id2

| xyseries Time servername duration

additional info on timechart

chart

fields

join

rex

stats

Announcing the Expansion of the Splunk Academic Alliance Program

Learn Splunk Insider Insights, Do More With Gen AI, & Find 20+ New Use Cases You Can ...

Buttercup Games: Further Dashboarding Techniques (Part 7)