Splunk – Basic Chart

Splunk has great visualization features which shows a variety of charts. These charts are created from the results of a search query where appropriate functions are used to give numerical outputs.

For example, if we look for the average file size in bytes from the data set named web_applications, we can see the result in the statistics tab as shown below −

Creating Charts

In order to create a basic chart, we first ensure that the data is visible in the statistics tab as shown above. Then we click on the Visualization tab to get the corresponding chart. The above data produces a pie chart by default as shown below.

Changing the Chart Type

We can change the chart type by selecting a different chart option from the chart name. Clicking on one of these options will produce the chart for that type of graph.

Formatting a Chart

The charts can also be formatted by using the Format option. This option allows to set the values for the axes, set the legends or show the data values in the chart. In the below example, we have chosen the horizontal chart and selected the option to show the data values as a Format option.

Leave a Reply