How do I get my SPLUNK csv excel data to display v...

vstrash · ‎08-10-2016

My data displays in splunk and ![I was able to generate a correct table via running the command index=cmadam host=kot source= "/media/sf_aaa/log1.csv" | multikv | table PRODUCT_ID_, CDC_DVN_VERSION_, SUM_VALUE_ which covers all my needed variables at the moment. My goal is a table similar to this
When I press visualization I create a graph where the axis are correctly labeled, but no bars show up. What commands are best for creating this visualizations. I'd like the x to be CDC_DVN_VERSION_ and the y to be SUM_VALUE_ which can be filtered by a changing PRODUCT_ID_ later to be defined. Thanks.

somesoni2 · ‎08-10-2016

For your bar chart, you can use commands like these

your base search | stats sum("SUM_VALUE_") as SUM_VALUE by CDC_DVN_VERSION_

OR

your base search | chart sum("SUM_VALUE_") as SUM_VALUE by CDC_DVN_VERSION_

To add PRODUCT_ID_, as filter, create a form input with token productid and use the token as filter in your base search

your base search PRODUCT_ID_="$productid$" | chart sum("SUM_VALUE_") as SUM_VALUE by CDC_DVN_VERSION_

See this for examples for how to create form/form input.
http://docs.splunk.com/Documentation/Splunk/6.4.2/Viz/Buildandeditforms

vstrash · ‎08-10-2016

The above chart is what I hope to mimic or create similar to.

How do I get my SPLUNK csv excel data to display via a horizontal bar chart?

Introducing the Splunk Community Dashboard Challenge!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...