Heat Map Widget
This widget is used to visualize various thresholds in the form of a colored heat map.
 The Heat Map widget is useful to visualize data in the form of a heat map. 
      
				
 
			  
			  
			  
				
 
	 
 
	 | Field | Description | 
|---|---|
| Query | Enter a search query. Enter USE to start an EQL statement or SELECT to start an SQL statement. You can search based on filter and time Bloks as well. | 
| Date & Time | You can enter absolute and relative time ranges. For example, enter -5h as a relative time range to display results that occur in the last 5 hours. | 
| X-axis data | Choose the column name to define the X-axis of the line chart. | 
| Y-axis label | Define the label name for the Y-axis that is displayed on the chart. | 
| Tile Value | Define the column name by which the heat map tile is to be represented. The value of this column is displayed as a tile. | 
| Use Color Axis | In the Min Color and Max Color fields, specify the range of minimum and maximum values of the color to be represented on the axis. The color axis needs to be adjusted to get the right color spread for the tile values. | 
| Use Color Threshold | Define the threshold range for the colors on the heat map. When Tile Value is below the threshold range, the tile color is green and when Tile Value is above the threshold range, the tile color is red. If Tile Value is in between the threshold range, the tile color is orange. | 
| Use color value | Define the column name by selecting the column. The color represented by the Use Color Value field is used to color the tiles on the chart. You can use Enrichment List or EQL Conditional functions such as IIF in the query to return specific color values. If this field is specified, the Use Color Axis field is ignored. | 
| Auto refresh | Click the slider to ON to refresh the widget. By default, it is set to OFF. | 
| Refresh widget every | If Auto refresh is set to ON, enter a time interval in seconds to refresh the widget. Refresh action starts after the data is completely retrieved and displayed. | 
Examples
For the search query:
use LogLogic_Appliance | GROUP BY ll_eventStatus, ll_sourceIP | COLUMNS ll_eventStatus, ll_sourceIP, count(*) as count | ll_eventStatus is NOT NULL | (ll_eventStatus != '')
the X-axis is ll_eventStatus and the Y-axis is ll_sourceIP
The following are examples of a Heat widget:
For the search query: 
		  
 
		
 
	 use LogLogic_Appliance | GROUP BY ll_eventStatus, ll_sourceIP | COLUMNS ll_eventStatus, ll_sourceIP, count(*), IIF(ll_eventStatus ='failed', 'red', 'green') AS color | ll_eventStatus is NOT NULL | (ll_eventStatus != '')
Related tasks
Copyright © Cloud Software Group, Inc. All rights reserved.

 
 
			  
 
			 