Report Gallery

The following are examples of some of the reports you can generate using Splunk.

Column chart

This report shows the number of orders placed over time for each of the products offered by an online store.
The search used to generate this column chart was: orders | chart count(_raw) by product_id

Line chart

This report shows Web site access over time. The chart is broken up by individual Web pages (i.e. files). Instead of counting the number of hits, the chart adds up the number of bytes transferred for a given page. The search used to generate this graph was: sourcetype=access_combined | timechart sum(bytes) by file

Scatter plot

This scatter plot shows machine and service access over time. The scatter plot counts the number of distinct accesses by external machines (i.e., Foreign).
The exact search to generate this chart is: access | timechart dc(Foreign)

Area Chart

This area chart shows the CPU utilization, broken out by individual processes, on all machines that reported process statistics. This helps to identify processes that consume a lot of processing power or are otherwise behaving anomalously. The data used for this is a scripted input which reads UNIX process statistics (ps output).
The exact search to generate this chart is: sourcetype=ps | multikv | timechart max(CPU) by COMMAND

Line Chart

This line chart shows which machines were the most requested (by destination IP) over time. Splitting the series by dst_ip draws a single line per machine, making it easy to compare them.
The exact search to generate this chart is: netscreen permit | timechart count(dst_ip) by dst_ip

Bubble Chart

This bubble chart shows three data series. For each of the fields: Foreign, Local, and Path, it shows the distinct count of events seen over time.
The exact search to generate this chart is: communicate | timechart dc(Path) dc(Local) dc(Foreign)