Chart Search Results

In the Aggregates tab, in addition to the standard table view, you can view search results as a chart, such as a bar or column chart.

When charting aggregate results from a query, the grouping function defines the plotted values on the one axis, and the grouping operator determines the values on the other axis. For example, group by _sourceHost produces a bar or point for each host. If you are using multiple group-by functions, a separate bar or point represents each set of grouped results.

To chart aggregate results:

  1. On the Search page, run an aggregate query.
  2. In the Aggregates tab, click a graph button on the Aggregates tab.​

For complete details on creating different kinds of charts, see Chart Panel Types.