Splunk® Enterprise

Dashboards and Visualizations

Visualization reference

Compare options and select a visualization to show the data insights that you need.

To quickly view the most fundamental overview of common visualizations and their use cases, note that you can access the Splunk Dashboards Quick Reference guide by clicking the link in Getting started.

Visualization Usage To learn more see
Events list

7.1 Event list viz example.png

Show the events that a search generates.
  • Show events without additional processing.
  • Show extracted fields and values directly in a dashboard.
  • Users can click on event fields or timestamps to open a more specific search.
Using events lists
Table

Table general example.png

Compare and aggregate field values.
  • Isolate one or more specific fields from search results.
  • Add formatting to highlight trends or patterns in specific fields.
Table visualization overview
Charts

6.4 Stacked area chart example.png

Visualize one or more dimensions in a data set.
Use one of the following chart types depending on how many dimensions, or fields, you are visualizing.
  • Pie
  • Area, line, column, bar
  • Bubble and scatter
Chart overview
Single value

Fluttershy single value background color mode.png

Show an aggregated metric in context.
  • Track recent changes or trends in real time.
  • Use colors to add context dynamically.
Single value overview
Gauges

6.4 marker gauge example.png

  • Show an aggregated metric against a range.
  • Track a metric as it approaches a specific target.
Using gauges
Maps

6.3.0 choropleth screenshot divergent us states.png

Visualize data with geographic coordinates.
  • Use a Choropleth map to show and compare regional trends or concentrations.
  • Use a marker map to plot geographic data.
Mapping data
Custom visualizations Analyze and represent unique data sets.

An admin must install custom visualization apps to make them available for Splunk users.
See Custom visualizations for more details.
Last modified on 27 May, 2020
Getting started   Data structure requirements for visualizations

This documentation applies to the following versions of Splunk® Enterprise: 7.1.0, 7.1.1, 7.1.2, 7.1.3, 7.1.4, 7.1.5, 7.1.6, 7.1.7, 7.1.8, 7.1.9, 7.1.10, 7.2.0, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 7.2.6, 7.2.7, 7.2.8, 7.2.9, 7.2.10, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, 7.3.5, 7.3.6, 7.3.7, 7.3.8, 7.3.9, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4, 8.0.5, 8.0.6, 8.0.7, 8.0.8, 8.0.9, 8.0.10, 8.1.0, 8.1.1, 8.1.2, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.1.8, 8.1.9, 8.1.10, 8.1.11, 8.1.12, 8.1.13, 8.1.14, 8.2.0, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 8.2.5, 8.2.6, 8.2.7, 8.2.8, 8.2.9, 8.2.10, 8.2.11, 8.2.12, 9.0.0, 9.0.1, 9.0.2, 9.0.3, 9.0.4, 9.0.5, 9.0.6, 9.0.7, 9.0.8, 9.0.9, 9.0.10, 9.1.0, 9.1.1, 9.1.2, 9.1.3, 9.1.4, 9.1.5, 9.1.6, 9.1.7, 9.2.0, 9.2.1, 9.2.2, 9.2.3, 9.2.4, 9.3.0, 9.3.1, 9.3.2, 9.4.0


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters