10.0, 9.4, 9.3, 9.2, 9.1, 9.0, 8.x
This app is for anyone who wants to visualise and correlate multiple separate events on a common timeline.
This app provides a visualization that you can use in your own apps and dashboards.
To use it in your dashboards, simply install the app, and create a search that provides the values you want to display.
Use a treemap to visualize how a general metric divides across different areas or categories: * Budgets and expenses * Data center server status * University departments and courses offered * Incident ticket severity and duration
The following fields can be used in the search: * Parent Category (required): A main categorisation for the data. * Count (required): A numeric value to apply to the Category and subcategories * Child Category (optional): A sub-category for the data * color (optional): A hex color code to apply to that parent cateogry, e.g. #abcdef for light blue. To have a color theme applied, use the Color tab in the options window
| makeresults count=25
| streamstats count as id
| eval label=case(id%3=0,"Event A", id%5=0,"Event B", id%7=0,"Event C", id%11=0,"Event D",1=1,"Event E")
| eval subcat = "Subcategory " . random()%5
| eval range=if(random()%2=0,"low","severe")
| stats count by label, subcat
This visualization generates the following tokens on click:
* Label token - defaults to: $tm_label$
* Value token - defaults to: $tm_val$
* Path token - defaults to: $tm_path$
* Parent token - defaults to: $tm_parent$
Note: all token names are customisable in the visualization settings menu.
You can use the tokens to create drilldowns / dynamic panels in your dashboards. You can also use the Splunk drilldown menu to link to another dashboard, a search, or a specific URL.
The tokens mentioned above will be evaluated first, then the drilldown will happen (if you configured a drilldown). This means you can link to a custom search using the label, value, path, or parent tokens for the cell you clicked.
The visualization is bound by the following limits:
Total results: 10,000
v 1.0.0
Initial version
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.