Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to create a scatter graph of chain stores on the y-axis with a dot over each city a store is located long the x-axis?

lyndac
Contributor
‎10-06-2015 07:22 AM

I have Splunk indexing a file that contains information about the geographical location of stores:

city, chain, numStores
Pasadena, Walmart, 0
Pasadena, Kmart, 1
Glen Burnie, Walmart, 1
Glen Burnie, Target, 1
Glen Burnie, Kmart, 1
Millersville, Target, 1

I want to be able to plot this data into a scatter chart where the X-axis is the city, the Y-axis is the chain, and the "dot" appears at the intersection where the city has a store (similar to below, but the X's are dots and they are lined up in the column):

Walmart|                       X
KMart  |      X                X
Target |                       X                  X
-----------------------------------------------------------------
           Pasadena       Glen Burnie        Millersville

Try as I might, I cannot even get the axes to display correctly. Is it possible to do what I am asking? I read in the "Data Requirments for Visualizations" document that I need to graph the events directly, so I tried this:
index=foo | fields - _* | fields city, chain (I get no results for this)
index=foo | fields city, chain (I don't see any plots, but the legend shows up with city and _time. The x axis is labeled city, but no values are displayed and the y-axis shows values 50 and 100 which are not even in the data.)

I wish I could paste the graph here, but my Splunk is on a closed instance so I have to retype everything here.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

afishkin_splunk
Splunk Employee
Splunk Employee
‎10-06-2015 10:40 AM

scatter graph returns number for both Y-Axis and X-Axis
http://docs.splunk.com/Documentation/Splunk/6.3.0/Viz/Datastructurerequirementsforvisualizations and select Scatter charts link on the right panel

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

afishkin_splunk
Splunk Employee
Splunk Employee
‎10-06-2015 10:40 AM

scatter graph returns number for both Y-Axis and X-Axis
http://docs.splunk.com/Documentation/Splunk/6.3.0/Viz/Datastructurerequirementsforvisualizations and select Scatter charts link on the right panel

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing Splunk Enterprise 9.2

WATCH HERE! Watch this Tech Talk to learn about the latest features and enhancements shipped in the new Splunk ...

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...