Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Pie charts revert to bar charts when copied. Why??

DTERM
Contributor
‎09-08-2011 12:49 PM

I've created an application that has many charts, including bar charts and pie charts. When I copy the splunk/etc/apps/myapp folder to a search head, all my pie charts turn into bar charts. Why is that and how can that be fixed?

I know how to modify the objects and turn them back into PIE charts. However, my question is how to prevent that from happening in the first place. I can't roll out the application and then fix it afterwards. That is not an option.

Thanks,

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

DTERM
Contributor
‎09-16-2011 10:52 AM

I've gone into the code and modified it to specify the specific chart type. That way, it does get copied over correctly.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

DTERM
Contributor
‎09-16-2011 10:52 AM

I've gone into the code and modified it to specify the specific chart type. That way, it does get copied over correctly.

0 Karma
Reply
Solved! Jump to solution

Ant1D
Motivator
‎09-12-2011 08:05 AM

If these charts were running off a saved search then you will have to go to your local folder and look at savedsearch.conf. In here, the name of your search that is producing bar charts will have a vsid. You will then need to take this vsid and look at the viewstates.conf file. The matching vsid in this file should have an attribute called ChartTypeFormatter... = bar. You should change the word bar to pie. Maybe this will help

0 Karma
Reply
Solved! Jump to solution

Ant1D
Motivator
‎09-12-2011 02:40 AM

Maybe this is the case because your original searches/reports were saved via the report builder as bar charts and not pie charts.

0 Karma
Reply
Get Updates on the Splunk Community!

They're back! Join the SplunkTrust and MVP at .conf24

With our highly anticipated annual conference, .conf, comes the fez-wearers you can trust! The SplunkTrust, as ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...

Detecting Remote Code Executions With the Splunk Threat Research Team

REGISTER NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If ...