My data displays in splunk and ![I was able to generate a correct table via running the command index=cmadam host=kot source= "/media/sf_aaa/log1.csv" | multikv | table PRODUCT_ID_, CDC_DVN_VERSION_, SUM_VALUE_ which covers all my needed variables at the moment. My goal is a table similar to this
When I press visualization I create a graph where the axis are correctly labeled, but no bars show up. What commands are best for creating this visualizations. I'd like the x to be CDC_DVN_VERSION_ and the y to be SUM_VALUE_ which can be filtered by a changing PRODUCT_ID_ later to be defined. Thanks.
For your bar chart, you can use commands like these
your base search | stats sum("SUM_VALUE_") as SUM_VALUE by CDC_DVN_VERSION_
OR
your base search | chart sum("SUM_VALUE_") as SUM_VALUE by CDC_DVN_VERSION_
To add PRODUCT_ID_, as filter, create a form input with token productid and use the token as filter in your base search
your base search PRODUCT_ID_="$productid$" | chart sum("SUM_VALUE_") as SUM_VALUE by CDC_DVN_VERSION_
See this for examples for how to create form/form input.
http://docs.splunk.com/Documentation/Splunk/6.4.2/Viz/Buildandeditforms
The above chart is what I hope to mimic or create similar to.