All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Graph the Highest hits in a 5 minute interval per day split by a field

yechoorv
Explorer
‎05-23-2014 01:30 PM

I want to create a graph that graphs the hits of the 5 minute interval with the maximum hits on that day. I also want to split this up by a field called MethodName:

Something like

source:__ | timechart count as hits span=5m | timechart max(hits)

That is the graph I need, but I need to split this by the field: "MethodName"

Any suggestions?

Tags (3)
Reply
1 Solution
Solved! Jump to solution
Solution

dwaddle
SplunkTrust
SplunkTrust
‎05-24-2014 04:54 PM

Here's an approach that looks like it should work, using Splunk's internal data as an example:

index=_internal 
| bucket span=1m _time 
| stats count by _time,source 
| timechart span=1d max(count) by source

View solution in original post

Reply
Solved! Jump to solution
Solution

dwaddle
SplunkTrust
SplunkTrust
‎05-24-2014 04:54 PM

Here's an approach that looks like it should work, using Splunk's internal data as an example:

index=_internal 
| bucket span=1m _time 
| stats count by _time,source 
| timechart span=1d max(count) by source
Reply
Solved! Jump to solution

yechoorv
Explorer
‎05-27-2014 05:52 AM

Worked perfectly thanks!

Reply
Get Updates on the Splunk Community!

Index This | I’m short for "configuration file.” What am I?

May 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with a Special ...

New Articles from Academic Learning Partners, Help Expand Lantern’s Use Case Library, ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Your Guide to SPL2 at .conf24!

So, you’re headed to .conf24? You’re in for a good time. Las Vegas weather is just *chef’s kiss* beautiful in ...