Hi,
I assume you were referring to timeline (Bar graph) in New Events view. Based on the timerange queried, each block or bar in the graph will display count for the smaller timerange.
Eg: when you've queried for 24hrs, there would be 24 blocks/bars displayed in the timeline and each block represents data for 1hr. When you just hover over on one of these you would see a small widget which displays Events count and a timestamp.
In the above image, when scrolled over second block it says ~93.1M events and 10/14/2021 05:26 am - this is the beginning of timestamp for this block/bar in timeline. to understand the timerange of each block/bar in graph scroll over to second block in graph and hover the mouse on it.
Now you can see it says ~114M events and 10/14/2021 06:26 am - which is the end timerange for previous block and beginning timerange for this block.
So basically this is it..
First Bar/Block in graph is from 10/14/2021 05:26 am to 10/14/2021 06:26 am and has 93.1M matching your query during that time.
Second Bar/Block in graph is from 10/14/2021 06:26 am to 10/14/2021 07:26 am and has 114.2M matching your query during that time.
If you want to drill down to matching events of timerange for second block (i.e from 06:26 to 07:26) you've to manually edit the timestamp and query the service. There's no feature at present to easily drilldown from timeline to creating queries on the go, but is in pipeline.
Hope this helps!
