DEVHIDE
Login Or Sign up

Charting multivariables in Splunk

95 Views Asked by At

I have data in the following format in Splunk:

AppName  time count
app1     00.00 110
         00.10 120
         00.30 130
app2     00.00 210
         00.10 220
         00.30 230

How do I plot the above as a overlaid time series chart?

splunk
Original Q&A
2

There are 2 best solutions below

0
On

Please explain how Splunk separated events and time on this data? All these lines appear in 1 event? or each line is an event?

Assuming second answer:

|timechart avg(count) by AppName
0
On

In order to chart them in overlaid, time series:

index=* |timechart values(count) by AppName

code above should do the trick

Related Questions in SPLUNK

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.