| Query
|
Enter a search query. Enter USE to start an EQL statement and SELECT to start an SQL statement. You can search based on filter and time Bloks as well.
|
| Time
|
You can enter absolute and relative time ranges. Click
 to open a window that allows you to define a time range. For example, enter -5h to display results that occur in the last 5 hours.
|
| X-axis
|
Define the column name. If the column names are already defined in the search query, the X-axis column is auto-populated. Otherwise, as you start typing in the field, the available matching column names are displayed. Choose the column name to define the X-axis of the line chart.
|
| X-axis Label
|
Define the label name for the X-axis that is displayed on the chart.
|
| Y-axis
|
Define the column name. If the column names are already defined in the search query, the Y-axis column is auto-populated. Otherwise, as you start typing in the field, the available matching column names are displayed. Choose the column name to define the Y-axis of the line chart.
|
| Y-axis label
|
Define the label name for the Y-axis that is displayed on the chart.
|
| Categorize by
|
Define the column name by which the Y-axis data is combined into a series.
|
| Auto refresh
|
Click the slider to ON to refresh the widget. By default, it is set to OFF.
|
| Refresh widget
|
Enter a time interval to refresh the widget. Refresh action starts after the data is completely retrieved and displayed.
|
