Spread our blog

Sankey Diagram – Custom Visualization

Today we will discuss “Sankey Diagram ”, this is a wonderful custom visualization to keep a track of your data flow and to check the density of that flow. It generally shows the relationship between the source and destination target. So without wasting any time on introduction let’s get to the business.

Step 1:
Download the add-on first from the Splunk base by clicking the below link.
https://splunkbase.splunk.com/app/3112

Step 2:
After finishing the download install the add-on as shown below.
Log in to your Splunk instance with your credentials.


Then go to the “Search and reporting” app and click on app dropdown from the top and select “manage apps”.


Then click on “Install app from file


Then select the downloaded file by clicking the “Choose file” and upload it.

Step 3:
Whenever you want to go with “Sankey Diagram”, your result table should look like this.
First Column should consist of “Source” data, second is “target” data, the third column is for Link size or density count and fourth is optional.


Let’s take an example. We have airline data in the index “test_index”, which is showing data related to all possible airlines between two airports.


Here we have “source_airpot” and “destination_airpot”, now by using the “Sankey diagram” we will visualize the number of airlines between two airports.
So before doing this we need to structure our result table in the above format we showed previously.

index="test_index" sourcetype="airline" 
| stats count by Source_airport,Destination_airport 
| where count >= 9

Explanation:
According to our requirement, we made the search result table, where the count field is showing the number of airlines between airports. We have used count greater than 9 to make our result set smaller only for presentation purposes.
Now if we change this into “Sankey Diagram” then it will look like this.

You can also know about :  How to Forecast Values Using Splunk Machine Learning Toolkit


Now based on the data flows from one airport to another it’s showing the visualization. Now take a look width of all the bars between two airports that are not the same, which depends on the count, the width will increase as count increased.
Now if you hover your mouse over any of the airports then we will get all the details of that.


It’s really cool and hopefully will be super easy after this blog.

Happy Splunking !!!

What’s your Reaction?
+1
+1
+1
+1
+1
1
+1
+1

Spread our blog

RELATED ARTICLESMORE FROM AUTHOR

LEAVE A REPLY

Please enter your comment!
Please enter your name here