How can I make interpolation between given two poi...

SSwaminathan90 · ‎12-06-2022

Hi Team,

Considering the image shared below:- x1 is my x-axis and y1 is my y-axis.

I would like to interpolate values for x1, var1 & var2 and not for y1 as shown below: -

@interpolation, @ scatterplot.

Any leads are welcome here 🙂

SSwaminathan90 · ‎12-13-2022

What's the visualisation - scatter or line chart? What does your data table look like?

Ans:- Its a scatter plot. here I would like to increase the marker size for orange dots and reduce marker size for green & blue dots.

My data table looks like as below:-

X	dist	Y
green	130	-0.0051
blue	130	0.0051
orange	130	0.0015
green	129.99	-0.005
blue	129.99	0.005
green	129.98	-0.005
blue	129.98	0.005

bowesmana · ‎12-07-2022

Add this to your SPL

| makecontinuous x1
| filldown var1 var2

SSwaminathan90 · ‎12-13-2022

@bowesmana

Thanks for your suggestion. with that query, I was able to create the below graph. But if you see the boundary lines (green & blue), though it looks like a straight line but not smooth because for every value of xaxis, green & blue line values are computed with the line equation. So my aim is to make the line as smooth as possible.

1st question:- I would like to consider few random points between xaxis value 15 and 130. and interpolate between the random points.

Any leads are welcome on how create a interpolation.

2nd question:- Is it possible to increase the marker size for orange dots and reduce the marker size for blue and green lines.

Any leads are welcome.

bowesmana · ‎12-13-2022

Use streamstats on that data set and reference the blue and green variables

| streamstats window=5 avg(blue) as blue avg(green) as green

where blue and green are the names of your variables

What's the visualisation - scatter or line chart? What does your data table look like?

SSwaminathan90 · ‎12-14-2022

@bowesmana

Thanks for the suggestion.

But still, I could not able to see the smooth line profile. It is somewhat looks like sawtooth.

bowesmana · ‎12-14-2022

Play around with the window, the bigger the window, the smoother the average will be. However, your Y axis has a very small scale, so even if your y-value goes up by 0.005, it will appear like a bigger jump.

Here's an example that creates dummy data based on your example green/blue/orange numbers. I've extrapolated out further data points.

| makeresults count=900
| streamstats c
| fields - _time
| eval X=case(c%3=1, "green", c%3=2, "blue", c%3=0, "orange")
| eval dist=130-((floor(c/3))/100)
| eval t=0.0051 - ((floor(c/3)) / 100000)
| eval Y=case(c%3=1, t, c%3=2, -t, c%3=0, random() % (t * 10000) / 10000 - (t/2))
| table X dist Y
```| streamstats window=5 avg(Y) as avg by X
| eval Y=if(X="orange", Y, avg)
| fields - avg```

As you can see the blue/green lines are sawtooth in the scatter, but if you uncomment the last 3 lines, the blue/green lines become smooth.

Does that not happen?

As far as making green/blue lines smaller, it's not possible with the scatter graph

Would a like chart work if you turn the data to a format suitable for a line chart?

| chart values(Y) over dist by X
| streamstats window=15 avg(green) as green avg(blue) as blue

How can I make interpolation between given two points in Splunk, where time variable is not involved?

eval

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?