You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
389 lines
12 KiB
389 lines
12 KiB
label =
|
|
description =
|
|
search_fragment =
|
|
default_height = 250
|
|
default_width = 250
|
|
trellis_default_height = 400
|
|
allow_user_selection = True
|
|
supports_trellis = False
|
|
supports_drilldown = False
|
|
supports_export = False
|
|
data_sources = primary
|
|
data_sources.primary.params.show_metadata = true
|
|
|
|
# Splunk core visualizations - DO NOT EDIT
|
|
|
|
[line]
|
|
label = Line Chart
|
|
description = Track values and trends over time.
|
|
search_fragment = | timechart count [by comparison_category]
|
|
default_height = 300
|
|
default_width = 300
|
|
min_height = 100
|
|
min_width = 100
|
|
max_height = 10000
|
|
supports_drilldown = True
|
|
supports_export = True
|
|
supports_trellis = True
|
|
core.icon = chart-line
|
|
core.preview_image = line.png
|
|
core.order = 1
|
|
core.type = visualizations
|
|
core.viz_type = charting
|
|
core.charting_type = line
|
|
core.recommend_for = timechart, predict
|
|
core.height_attribute = display.visualizations.chartHeight
|
|
data_sources = primary,annotation
|
|
data_sources.primary.params.output_mode = json_cols
|
|
data_sources.primary.params.count = $display.visualizations.charting.data.count:JSCHART_RESULTS_LIMIT:10000$
|
|
data_sources.primary.params.offset = 0
|
|
data_sources.annotation.params.output_mode = json_cols
|
|
data_sources.annotation.params.count = 1000
|
|
|
|
[area]
|
|
label = Area Chart
|
|
description = Track changes in aggregated values over time.
|
|
search_fragment = | timechart count [by comparison_category]
|
|
default_height = 300
|
|
default_width = 300
|
|
min_height = 100
|
|
min_width = 100
|
|
max_height = 10000
|
|
supports_drilldown = True
|
|
supports_export = True
|
|
supports_trellis = True
|
|
core.icon = chart-area
|
|
core.preview_image = area.png
|
|
core.order = 2
|
|
core.type = visualizations
|
|
core.viz_type = charting
|
|
core.charting_type = area
|
|
core.recommend_for = timechart
|
|
core.height_attribute = display.visualizations.chartHeight
|
|
data_sources = primary,annotation
|
|
data_sources.primary.params.output_mode = json_cols
|
|
data_sources.primary.params.count = $display.visualizations.charting.data.count:JSCHART_RESULTS_LIMIT:10000$
|
|
data_sources.primary.params.offset = 0
|
|
data_sources.annotation.params.output_mode = json_cols
|
|
data_sources.annotation.params.count = 1000
|
|
|
|
[column]
|
|
label = Column Chart
|
|
description = Compare values or fields.
|
|
search_fragment = | stats count by comparison_category
|
|
default_height = 300
|
|
default_width = 300
|
|
min_height = 100
|
|
min_width = 100
|
|
max_height = 10000
|
|
supports_drilldown = True
|
|
supports_export = True
|
|
supports_trellis = True
|
|
core.icon = chart-column
|
|
core.preview_image = column.png
|
|
core.order = 3
|
|
core.type = visualizations
|
|
core.viz_type = charting
|
|
core.charting_type = column
|
|
core.recommend_for = timechart, top, rare
|
|
core.height_attribute = display.visualizations.chartHeight
|
|
data_sources = primary,annotation
|
|
data_sources.primary.params.output_mode = json_cols
|
|
data_sources.primary.params.count = $display.visualizations.charting.data.count:JSCHART_RESULTS_LIMIT:10000$
|
|
data_sources.primary.params.offset = 0
|
|
data_sources.annotation.params.output_mode = json_cols
|
|
data_sources.annotation.params.count = 1000
|
|
|
|
[bar]
|
|
label = Bar Chart
|
|
description = Compare values or fields.
|
|
search_fragment = | stats count by comparison_category
|
|
default_height = 300
|
|
default_width = 300
|
|
min_height = 100
|
|
min_width = 100
|
|
max_height = 10000
|
|
supports_drilldown = True
|
|
supports_export = True
|
|
supports_trellis = True
|
|
core.icon = chart-bar
|
|
core.preview_image = bar.png
|
|
core.order = 4
|
|
core.type = visualizations
|
|
core.viz_type = charting
|
|
core.charting_type = bar
|
|
core.recommend_for = top, rare
|
|
core.height_attribute = display.visualizations.chartHeight
|
|
data_sources = primary
|
|
data_sources.primary.params.output_mode = json_cols
|
|
data_sources.primary.params.count = $display.visualizations.charting.data.count:JSCHART_RESULTS_LIMIT:10000$
|
|
data_sources.primary.params.offset = 0
|
|
|
|
[pie]
|
|
label = Pie Chart
|
|
description = Compare categories in a dataset.
|
|
search_fragment = | stats count by comparison_category
|
|
default_height = 300
|
|
default_width = 300
|
|
min_height = 100
|
|
min_width = 100
|
|
max_height = 10000
|
|
supports_drilldown = True
|
|
supports_export = True
|
|
supports_trellis = True
|
|
core.icon = chart-pie
|
|
core.preview_image = pie.png
|
|
core.order = 5
|
|
core.type = visualizations
|
|
core.viz_type = charting
|
|
core.charting_type = pie
|
|
core.recommend_for = top, rare
|
|
core.height_attribute = display.visualizations.chartHeight
|
|
data_sources = primary
|
|
data_sources.primary.params.output_mode = json_cols
|
|
data_sources.primary.params.count = $display.visualizations.charting.data.count:JSCHART_RESULTS_LIMIT:10000$
|
|
data_sources.primary.params.offset = 0
|
|
|
|
[scatter]
|
|
label = Scatter Chart
|
|
description = Show relationships between discrete values in two dimensions.
|
|
search_fragment = | stats x_value_aggregation y_value_aggregation by name_category [comparison_category]
|
|
default_height = 300
|
|
default_width = 300
|
|
min_height = 100
|
|
min_width = 100
|
|
max_height = 10000
|
|
supports_drilldown = True
|
|
supports_export = True
|
|
supports_trellis = True
|
|
core.icon = chart-scatter
|
|
core.preview_image = scatter.png
|
|
core.order = 6
|
|
core.type = visualizations
|
|
core.viz_type = charting
|
|
core.charting_type = scatter
|
|
core.height_attribute = display.visualizations.chartHeight
|
|
data_sources = primary
|
|
data_sources.primary.params.output_mode = json_cols
|
|
data_sources.primary.params.count = $display.visualizations.charting.data.count:JSCHART_RESULTS_LIMIT:10000$
|
|
data_sources.primary.params.offset = 0
|
|
|
|
[bubble]
|
|
label = Bubble Chart
|
|
description = Show relationships between discrete values in three dimensions.
|
|
search_fragment = | stats x_value_aggregation y_value_aggregation size_aggregation by name_category [comparison_category]
|
|
default_height = 300
|
|
default_width = 300
|
|
min_height = 100
|
|
min_width = 100
|
|
max_height = 10000
|
|
supports_drilldown = True
|
|
supports_export = True
|
|
supports_trellis = True
|
|
core.icon = chart-bubble
|
|
core.preview_image = bubble.png
|
|
core.order = 7
|
|
core.type = visualizations
|
|
core.viz_type = charting
|
|
core.charting_type = bubble
|
|
core.height_attribute = display.visualizations.chartHeight
|
|
data_sources = primary
|
|
data_sources.primary.params.output_mode = json_cols
|
|
data_sources.primary.params.count = $display.visualizations.charting.data.count:JSCHART_RESULTS_LIMIT:10000$
|
|
data_sources.primary.params.offset = 0
|
|
|
|
[singlevalue]
|
|
label = Single Value
|
|
description = Track a metric with context and trends.
|
|
search_fragment = | timechart count
|
|
default_height = 115
|
|
default_width = 300
|
|
min_height = 50
|
|
min_width = 100
|
|
max_height = 10000
|
|
trellis_min_widths = 70, 130, 230
|
|
trellis_per_row = 10, 6, 4
|
|
supports_drilldown = True
|
|
supports_export = True
|
|
supports_trellis = True
|
|
core.icon = single-value
|
|
core.preview_image = singlevalue.png
|
|
core.order = 8
|
|
core.type = visualizations
|
|
core.viz_type = singlevalue
|
|
core.recommend_for = timechart
|
|
core.height_attribute = display.visualizations.singlevalueHeight
|
|
data_sources = primary
|
|
data_sources.primary.params.output_mode = json_cols
|
|
data_sources.primary.params.offset = 0
|
|
data_sources.primary.params.count = 1000
|
|
|
|
[radialGauge]
|
|
label = Radial Gauge
|
|
description = Show a single value in relation to customized ranges.
|
|
search_fragment = | stats count
|
|
default_height = 300
|
|
default_width = 300
|
|
min_height = 100
|
|
min_width = 100
|
|
max_height = 10000
|
|
supports_drilldown = False
|
|
supports_export = True
|
|
supports_trellis = True
|
|
core.icon = gauge-radial
|
|
core.preview_image = radialGauge.png
|
|
core.order = 9
|
|
core.type = visualizations
|
|
core.viz_type = charting
|
|
core.charting_type = radialGauge
|
|
core.height_attribute = display.visualizations.chartHeight
|
|
data_sources = primary
|
|
data_sources.primary.params.output_mode = json_cols
|
|
data_sources.primary.params.count = $display.visualizations.charting.data.count:JSCHART_RESULTS_LIMIT:10000$
|
|
data_sources.primary.params.offset = 0
|
|
|
|
[fillerGauge]
|
|
label = Filler Gauge
|
|
description = Show a single value and its current range.
|
|
search_fragment = | stats count
|
|
default_height = 300
|
|
default_width = 300
|
|
min_height = 100
|
|
min_width = 100
|
|
max_height = 10000
|
|
supports_drilldown = False
|
|
supports_export = True
|
|
supports_trellis = True
|
|
core.icon = gauge-filler
|
|
core.preview_image = fillerGauge.png
|
|
core.order = 10
|
|
core.type = visualizations
|
|
core.viz_type = charting
|
|
core.charting_type = fillerGauge
|
|
core.height_attribute = display.visualizations.chartHeight
|
|
data_sources = primary
|
|
data_sources.primary.params.output_mode = json_cols
|
|
data_sources.primary.params.count = $display.visualizations.charting.data.count:JSCHART_RESULTS_LIMIT:10000$
|
|
data_sources.primary.params.offset = 0
|
|
|
|
[markerGauge]
|
|
label = Marker Gauge
|
|
description = Show a single value in relation to customized ranges.
|
|
search_fragment = | stats count
|
|
default_height = 300
|
|
default_width = 300
|
|
min_height = 100
|
|
min_width = 100
|
|
max_height = 10000
|
|
supports_drilldown = False
|
|
supports_export = True
|
|
supports_trellis = True
|
|
core.icon = gauge-marker
|
|
core.preview_image = markerGauge.png
|
|
core.order = 11
|
|
core.type = visualizations
|
|
core.viz_type = charting
|
|
core.charting_type = markerGauge
|
|
core.height_attribute = display.visualizations.chartHeight
|
|
data_sources = primary
|
|
data_sources.primary.params.output_mode = json_cols
|
|
data_sources.primary.params.count = $display.visualizations.charting.data.count:JSCHART_RESULTS_LIMIT:10000$
|
|
data_sources.primary.params.offset = 0
|
|
|
|
[mapping]
|
|
label = Cluster Map
|
|
description = Show aggregated values in a geographic region.
|
|
search_fragment = | geostats count [by category] latfield=lat longfield=lon
|
|
default_height = 400
|
|
default_width = 600
|
|
min_height = 200
|
|
min_width = 100
|
|
max_height = 10000
|
|
supports_drilldown = True
|
|
supports_export = True
|
|
supports_trellis = False
|
|
core.icon = location
|
|
core.preview_image = mapping.png
|
|
core.order = 12
|
|
core.type = visualizations
|
|
core.viz_type = mapping
|
|
core.mapping_type = marker
|
|
core.recommend_for = geostats
|
|
core.height_attribute = display.visualizations.mapHeight
|
|
data_sources = primary
|
|
data_sources.primary.params.output_mode = json_cols
|
|
data_sources.primary.params.offset = 0
|
|
data_sources.primary.params.count = $display.visualizations.mapping.data.maxClusters:100$
|
|
data_sources.primary.mapping_filter = true
|
|
data_sources.primary.mapping_filter.center = $display.visualizations.mapping.map.center:(0,0)$
|
|
data_sources.primary.mapping_filter.zoom = $display.visualizations.mapping.map.zoom:2$
|
|
data_sources.primary.params.search = geofilter south=$south$ west=$west$ north=$north$ east=$east$ maxclusters=$display.visualizations.mapping.data.maxClusters:100$
|
|
|
|
[choropleth]
|
|
label = Choropleth Map
|
|
description = Show how values vary over a geographic region.
|
|
search_fragment = | stats count by featureId | geom geo_countries featureIdField=featureId
|
|
default_height = 400
|
|
default_width = 300
|
|
min_height = 200
|
|
min_width = 100
|
|
max_height = 10000
|
|
supports_drilldown = True
|
|
supports_export = True
|
|
supports_trellis = True
|
|
core.icon = choropleth-map
|
|
core.preview_image = choropleth.png
|
|
core.order = 13
|
|
core.type = visualizations
|
|
core.viz_type = mapping
|
|
core.mapping_type = choropleth
|
|
core.recommend_for = geom
|
|
core.height_attribute = display.visualizations.mapHeight
|
|
data_sources = primary
|
|
data_sources.primary.params.output_mode = json_cols
|
|
data_sources.primary.params.offset = 0
|
|
data_sources.primary.params.count = $CHOROPLETH_SHAPE_LIMIT:10000$
|
|
data_sources.primary.mapping_filter = true
|
|
data_sources.primary.mapping_filter.center = $display.visualizations.mapping.map.center:(0,0)$
|
|
data_sources.primary.mapping_filter.zoom = $display.visualizations.mapping.map.zoom:2$
|
|
data_sources.primary.params.search = geomfilter min_y=$south$ min_x=$west$ max_y=$north$ max_x=$east$
|
|
|
|
[statistics]
|
|
label = Statistics Table
|
|
description = Show results organized in rows and columns.
|
|
default_height = 300
|
|
default_width = 300
|
|
min_height = 0
|
|
min_width = 100
|
|
max_height = 1000
|
|
supports_trellis = False
|
|
supports_drilldown = True
|
|
supports_export = True
|
|
core.icon = table
|
|
core.preview_image = statistics.png
|
|
core.order = 14
|
|
core.type = statistics
|
|
core.recommend_for = timechart, top, rare, predict
|
|
data_sources = primary
|
|
data_sources.primary.params.output_mode = json_rows
|
|
data_sources.primary.params.sort_key = $display.statistics.sortColumn:$
|
|
data_sources.primary.params.sort_direction = $display.statistics.sortDirection:$
|
|
data_sources.primary.params.count = 20
|
|
data_sources.primary.params.offset = 0
|
|
|
|
[events]
|
|
label = Events
|
|
description = List events from search results.
|
|
default_height = 300
|
|
default_width = 300
|
|
min_height = 0
|
|
min_width = 100
|
|
max_height = 1000
|
|
supports_trellis = False
|
|
supports_drilldown = True
|
|
supports_export = True
|
|
core.icon = list
|
|
core.preview_image = events.png
|
|
core.order = 15
|
|
core.type = events
|