This is not current Splunk documentation.
Splunk 3.4.2 is the latest version. Only use this page with older Splunk 2.0.x.
« Previous  |   Table of Contents   |   Next »

Splunk User Manual (Splunk v2.0)

Splunk Search Interface

Show Events by Time

Click this link to display an interactive histogram plot of your splunk results.

Zoom In/Out

Click the magnifying glass-shaped + and - icons to zoom in or out from days to hours to minutes.

Select Range

Click on one bar in the histogram to narrow your search to that time range, or use Shift-click to select a range of several time buckets. The search results on the page will be filtered to match. This lets you quickly spot periods of unusual activity using the chart and then zoom in on the log data from that period.

Hoverplots

Mouse over individual meta data values—eventtype::, host::, etc.—on any of the tabbed results panels—Events, Event Types, Sources, etc.—to plot a different color histogram for only the events matching that value against the plot of all events. This is a good quick way to spot trends on your network.

« Previous  |   Table of Contents   |   Next »

Comments

No comments have been submitted.

close

Flash required to play this video.

Click here to download the free Flash Player.

Description:

Permalink: