- Apps and Add-ons
- :
- All Apps and Add-ons
- :
- A dynamic lister based on a static lister
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello everybody,
I want to create a dashboard with two listers, the first will be a static lister with differents source i use on Splunk, the second will search every hosts on the selected host.
I tried this but it don't work :
Thanks for the help !
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
OK thanks to your apps i found the solution, here is the code :
Thanks you very much !!!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
OK thanks to your apps i found the solution, here is the code :
Thanks you very much !!!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Well, you're using an addterm intention, and possibly the addterm is tacking it's term on after the dedup and table, which would result in
index=main sourcetype=syslog source | dedup host | table host | search source="foo"
which obviously wouldn't work. I would use the firebug addon to Firefox, and watch in the NET tab what search actually gets POST'ed to splunkd.
Using core UI, the answer would be to use the thornier stringreplace intention. There are examples in the "UI examples" app and also in its replacement the "dashboard examples" app.
If you want to make life easier for yourself, you should switch to using Sideview Utils. The same view can be rewritten far more simply and you wont have to think about intentions ever again.
<view autocancelinterval="100" ispersistable="true" issticky="true" onunloadcanceljobs="false" template="search.html">
<label>aaaaaaa</label>
<module name="SideviewUtils" layoutPanel="appHeader" />
<module name="Search" layoutpanel="mainSearchControls" autorun="True">
<param name="search">index=main</param>
<module name="Pulldown">
<param name="name">source</param>
<param name="label">Reseau :</param>
<param name="template">$name$="$value$"</param>
<param name="staticOptions">
<list><param name="value">SPP</param></list>
<list><param name="value">RTH</param></list>
<list><param name="value">RMS</param></list>
<list><param name="value">RMS2</param></list>
</param>
<module name="Search">
<param name="search">index=main sourcetype=syslog $source$ | dedup host | table host</param>
<module name="Pulldown">
<param name="name">host</param>
<param name="label">Host</param>
<param name="valueField">$name$</param>
</module>
</module>
</module>
</module>
</view>
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
thanks you 😉 but i fixed it as you can see in my new code 🙂 but your answer is very usefull
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Oops. I accidentally omitted the SideviewUtils module, which is required. Rookie mistake! I'll update my code. Glad you figured it out though.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am trying to use sideview utils with your code but it doesn't work, there is only a loading green bar at the top of the dashboard 😕
ok i fixed it by using template="dashboard.html" instead of search.html but the host pulldown is stuck on "loading".
I try to use firebug but i dont know where can i see the request in the network windows
Extending Observability Content to Splunk Cloud
More Control Over Your Monitoring Costs with Archived Metrics!
New in Observability Cloud - Explicit Bucket Histograms
