new to splunk, sorry if this is trivial.
by default the timeline graph are draw based on number of occurrence. I want something different.
say my log entry are like this:
Timestamp=2011/11/30 15:31:32.424, Timespent=0.4063
Timestamp=2011/11/30 15:24:16.653, Timespent=1.0156
Timestamp=2011/11/30 15:17:01.522, Timespent=0.4219
Timestamp=2011/11/30 15:09:28.907, Timespent=0.1250
Timestamp=2011/11/30 15:02:09.526, Timespent=0.1406
Timestamp=2011/11/30 14:55:10.615, Timespent=0.6875
1). is it possible to create report/graph using Timestamp field as X-axis and Timespent field as Y-axis?
2). how to create report that shows number of records(or percentage) that Timespent values are between 0-0.5 and 0.5-1.0 etc?
Thanks.
... View more