A quick example

Let's try a quick example. Once we have selected a data model (in our case, Aviation Games), from the Select a Dataset page, we can choose Processing Errors, which will land us on the New Pivot (Pivot Editor):

To build a simple pivot, we can do the following quick steps:

1. Add/Verify the filters:

Remember, All time is the default; this will include all results found over all time. You can click on the pencil and amend this filter to be based upon any of Splunk's Presets or a specific Date Range:

For this example, we'll just leave the default selection.

2. Configure the Split Rows.

Directly under Filters is Split Rows. For Split Rows, I've selected date_month:

3. After making the selection, you are able to provide additional settings for the selected row:
   

I've provided a new name (Label) for the row (my_Month) and left the defaults for Sort, Max Rows (to display), and Totals.

4. Configure the Split Columns.

Moving to the upper-right side of the Pivot page, we have Split Columns. For Split Columns, I've selected date_mday:

Once you select date_mday, you are given the opportunity to set some additional values:

We'll leave the defaults again and click on the button labelled Add To Table.

5. Configure the Column Values. Finally, for the Column Values, (by clicking on the pencil) you can see that Splunk defaulted to providing a count (of processing errors) found in the indexed data (shown in the following screenshot). You can click on the button labeled Update:
   
6. View the results of our sample pivot in the following screenshot:

From here, you have the option to Clear the Pivot (and start over), or click on Save As and save the pivot as a Splunk report or as a dashboard panel for later use.