×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
JanetLong
Engager
Member since: ‎11-29-2021
‎12-03-2021
Community Statistics
Posts 2
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎11-29-2021
Activity Feed
Topics I've Started
View All

Re: Trellis Search

by in Splunk Search
‎11-30-2021 10:32 PM
‎11-30-2021 10:32 PM
Brilliant. Thanks... I learned a lot from picking that apart.  ... View more

Trellis Search

by in Splunk Search
‎11-29-2021 01:41 AM
‎11-29-2021 01:41 AM
Splunk's VisualizationTrellis documentation page shows example searches for things like count by sourcetype, and later shows trellis-ed visualizations for multi-value items, but there are no example searches for them.  My data looks like this... {    audit: {      audit_enabled: Compliant,        control_access: NotCompliant,      firewall_on: NotCompliant,       etc: ...     } } I can create separate searches for each item in audit {} like this... source=device_audit  | stats count by audit.audit_enabled But there are many audit items. I'd like to trellis pie charts for each audit item without creating a separate search for each.  Is there are search I can use to trellis to produce three pie charts to show the split between compliant and notCompliant for each of the audit items (audit_enabled/control_access/firewall_on)? Thank you.  ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎12-03-2021 11:21 AM
Karma given to
View All