I'm new to Splunk and I have a question about how to query the information I need.
I'm indexing IIS web server logs.
I would like to determine if the server is responding slowly at certain times of the day for the past few months. So, my question would be: how do I produce a graph showing average and/or max request times (time_taken) for each hour? The graph would have 24 bars (or 48 bars in pairs of 2 if showing max and avg together) representing the hours of the day and the query would control how many days that graph represents.
Thanks for your help! So far, so good with Splunk!
Corey