Solved: Create table and chart with different fields

hRun · ‎09-20-2013

Hello everyone,

I'm using splunk for logfile analysis and what I'm trying to do is generating a report including chart and table, but with different fields displayed.
If I try this:

... | table probability_of_portscan, number_of_connections, timespan, duration_in_seconds, src, dst, dst_ports | chart values(number_of_connections) OVER src BY probability_of_portscan

I get the chart I want, but with its correlating table, not the table I defined.

Each of the commands itself gives me what I want, but I can't figure out, how to get the table AND the chart I defined.
Any suggestions for combining the commands, apparently piping doesn't work?

gfuente · ‎09-20-2013

Hello

I guess you should create a new dashboard with two panels inside, one for the table and other one for the chart, then you will get all the info in the same screen

Regards

View solution in original post

gfuente · ‎09-20-2013

Hello

I guess you should create a new dashboard with two panels inside, one for the table and other one for the chart, then you will get all the info in the same screen

Regards

Create table and chart with different fields

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!