×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
mallika_reddy_
New Member
Member since: ‎02-16-2023
‎02-17-2023
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎02-16-2023
Topics I've Started
No posts to display.
View All

Re: Use the spath command correctly to create a pi...

by in Dashboards & Visualizations
‎02-16-2023 10:19 PM
‎02-16-2023 10:19 PM
Hey @zeroCalm  One of the reason why the results are coming for count and not for timechart is because the timechart must not be pointing to correct field for _time. You can override it by converting your time field to splunk time format and pass to _time. Ex: eval formatted_time =strptime(you_time_field_value,"%Y-%m-%dT%H:%M:%S") | eval _time = formatted_time   Posting it as it might help others 🙂 ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎02-17-2023 12:03 AM