Questions tagged [splunk-dashboard]

26 questions
1 vote · 1 answer

How does splunk dashboard actually display the search query data?

I am new to Splunk and have been exploring its features. I have uploaded some dummy data in CSV format and tried to create a dashboard out of it. My query is if some new data is added, how does the dashboard reflect the change in data? Any…
1 vote · 1 answer

Splunk dashboard to include the time range that will populate into the PDF file

I have a Splunk dashboard that returns results based on a time picker with a start and end time frame. I would like to have that time range in the dashboard so that the PDF generated shows the time frame.
1 vote · 1 answer

How to make a Splunk Dashboard dynamic?

I have a query, let's call it query1, that looks at sales, and I have storenumber=1 in that query. I have query2 that looks at returns with storenumber=1 in the second query. I want to add these queries to my store's dashboard. Now in the dashboard, I…
1 vote · 1 answer

How to visualize splunk events as column chart

How could I visualize json data from several Splunk events as column chart? The json I get each time the app logs data to Splunk has the following structure: { "monat": "2020-06-01", "duration": 512, "herkunft": "abc" } The column chart…
Patrick Vogt
1 vote · 2 answers

Splunk produces a table with only one row

I am using a Splunk dashboard to parse a key-value log file into a table. This is the search I am using: ... Regdata Recon REGDATA-RECON reconStartTime …
Lazaruss
1 vote · 0 answers

How to visualise this data in a Splunk dashboard?

The final data from Splunk I have is in the form of a csv file with about 180 rows (product/goods) and a column that records the change (in sales compared to the previous month). Product mean variance Apples increase no change Oranges decrease…
kRazzy R
0 votes · 1 answer

Combining multiples searches into a trellis layout of single value visualizations

I have a number of networked devices that I am pulling temperature and humidity data from and ingesting into Splunk. Each device is located in a physical location and most, but not all have two sensors. The perfect panel for my needs is one that…
MrFarland
0 votes · 0 answers

How to get cloud watch logs from AWS to splunk enterprise?

I am new to Splunk and AWS. My current project requirement is to create a Splunk dashboard from scratch. There are some log groups in Cloud Watch with stream of logs. Now, there are existing lambda functions pushing logs to Splunk but I don't have…
0 votes · 1 answer

Splunk Dashboard - difference between eval case and rangemap result

I'm running a query to bifurcate splunk results into buckets. I want to divide and count files based on sizes they are taking on disk. This can be achieved using rangemap or eval case. As I read here using eval is faster than rangemap. But I'm…
inquisitive
0 votes · 0 answers

In splunk is there a way to prepopulate the time input field with values for another token?

In Splunk, I have a dashboard with init-section. I use the init-section to set 2 tokens, then I use the token values to set the default value for a time input. When I run the dashboard, the time input is unpopulated. If I replace…
hba
0 votes · 2 answers

Splunk query not endswith

I am just getting into learning Splunk queries. I'm trying to grab data from the myfile.csv file based on a regex expression. In particular, I'm looking to print only the rows where column fqdn does not end with udc.net and htc.com. Below is my query…
Karn Kumar
0 votes · 0 answers

Splunk Dashboard Formatting issues

Need some help regarding Splunk Dashboard Report formatting issues, whereby the dashboard legend is getting truncated when being either exported or saved as PDF. Need some solutions to get the report format as it does in the dashboard view.
0 votes · 1 answer

Add disclaimer note in all Splunk reports at one shot

We want to add one disclaimer note as below on 50 reports of Splunk. Can we do that in one shot? Disclaimer: In case you do not find any attachment or a blank attachment, this means no matching events or blocked events were found during the report…
supriya
0 votes · 0 answers

How can I add fields from different searches and plot it on the same graph

I am getting no data for e2e_latency_ms. I want to plot pp_latency_ms, cv_edge_latency_ms, api_latency_ms and the total of all these three latencies on the same plot. But can't figure out how to do it. Any help will be appreciated. My query is as…
0 votes · 1 answer

Set a token per item in a Splunk multiselect

I would like to set a boolean token (selected/not selected) for every item in a multiselect input on a form. I saw a workaround for the (bizarre?) lack of out-of-the-box ability to do something like…
David Doria