This is a more detailed description of the sample view from the insecurelogin example.
<view template="dashboard.html">
<module name="HiddenSearch" autoRun="True" layoutPanel="panel_row1_col1">
<param name="search">sourcetype=access_common | timechart span=5m count</param>
<param name="earliest">-24h</param>
<module name="HiddenChartFormatter">
<param name="chart">line</param>
<param name="primaryAxisTitle.text">Time</param>
<param name="legend.placement">bottom</param>
<param name="chartTitle">Stuff past 24 hours</param>
<module name="JobProgressIndicator"/>
<module name="FlashChart"/>
</module>
</module>
</view>
HiddenSearch is where the search is defined. To get a graph, you need some kind of reporting option. The optional "earliest" param defines the beginning of the timerange. This search says "Look all the events from the past 24 hours with sourcetype of access_common and tell me how many there are for each 5 minute span." timechart makes it a chart.
<module name="HiddenSearch" autoRun="True" layoutPanel="panel_row1_col1">
<param name="search">sourcetype=access_common | timechart span=5m count</param>
<param name="earliest">-24h</param>
HiddenChartFormatter defines how to display the data passed to it by HiddenSearch. The various params determine how it is displayed.
<module name="HiddenChartFormatter">
<param name="chart">line</param>
<param name="primaryAxisTitle.text">Time</param>
<param name="legend.placement">bottom</param>
<param name="chartTitle">Stuff past 24 hours</param>
<module name="JobProgressIndicator"/>
<module name="FlashChart"/>
</module>