use the heat map option and highlight the max and ...

HattrickNZ · ‎04-06-2020

hi there

THis is my sample data. I want to use the heat map option and highlight the max and min per each column.
So I would have 2 values highlighted in each column, the max and the min.
Can this be done in Splunk 7.3.1?

| makeresults 
      | eval data = "
 1    10;
 2    9;
 3    8;
 4    7;
 5    6;
 6    5;
 7    4;
 8    3;
 9    2;
 10   1;
     " 
      | makemv delim=";" data
      | mvexpand data
      | rex field=data "(?<Date>\d+)\s+(?<Y>\d+)"
      | fields + Date Y | fields - _time
      |search Y = * | 
      chart count(Y) by Y | sort + Y

this is what I get just using the default setting.

similar question asked here before
https://answers.splunk.com/answers/116018/splunk-6-simple-xml-dataoverlaymode-on-table-can-we-specif...

niketn · ‎04-07-2020

@HattrickNZ I have posted an answer to @somesoni2 's question posted above. https://answers.splunk.com/answers/116018/splunk-6-simple-xml-dataoverlaymode-on-table-can-we-specif...

Please refer to one of my older answer on similar lines which also explains both approaches: https://answers.splunk.com/answers/686288/how-do-you-highlight-a-table-cell-based-on-a-field.html

Do upvote the other answers if you find them useful!

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"

use the heat map option and highlight the max and min per each column.

Can’t make it to .conf25? Join us online!

Index This | How many sevens are there between 1 and 100?

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

What Is Splunk? Here’s What You Can Do with Splunk

Are you a member of the Splunk Community?

use the heat map option and highlight the max and min per each column.

Can’t make it to .conf25? Join us online!

Index This | How many sevens are there between 1 and 100?

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

What Is Splunk? Here’s What You Can Do with Splunk