All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Splunk Dashboard

garimayadav
New Member
‎03-11-2015 12:15 AM

Can we create a Splunk dashboard where in result of search query can be post-processed programmatically?

0 Karma
Reply

slashnburn
Path Finder
‎03-11-2015 02:37 PM

This is absolutely feasible. I would recommend downloading the web framework toolkit to get some background on search managers and the like.

Essentially you will create a search manager for each of your various forms, perform your business logic on myresults.data, then return it back to whatever splunk view you want.

Another good starting point for some background can be found here http://dev.splunk.com/webframework

I should note that you will need access to the server's file system.

0 Karma
Reply

somesoni2
Revered Legend
‎03-11-2015 01:42 PM

You should be able to use the textbox value added to the Splunk dashboard/form and generate a dynamic search query, run it and display the result. Feasibility of the dynamic query depend on the requirement. Please post the business rule that you want to apply on the value of the text box, people here may be able to give you appropriate help/pointers.

0 Karma
Reply

satishsdange
Builder
‎03-11-2015 12:30 AM

Could you please give a use cases/example that explains your query in detail.

0 Karma
Reply

garimayadav
New Member
‎03-11-2015 01:15 AM

We want to create a customised dashboard where in user enters some id and result is displayed in a table below on the same screen. Now, I have following questions:

1) Can we create a text box on dashboard which takes input and then at the backend, we utilize this input ( say "id") to create a search query?
2) Can we use Splunk Java SDK at the back end for writing business logic?
2) Once search query is created using SPlunk Java SDK, we would process the result of query ( apply some business logic) , and then return the processed result back to the UI ( dashboard). Is this feasible?

0 Karma
Reply

markthompson
Builder
‎03-11-2015 03:24 AM

I believe you are able to set variables with an SDK. http://dev.splunk.com/view/java-sdk/SP-CAAAEPZ

0 Karma
Reply

satishsdange
Builder
‎03-11-2015 01:36 AM
  1. You can certainly create a form in a dashboard that allows users to provide inputs e.g id, username, email id, time range etc. This can be done in core Splunk. Please refer to below doc link http://docs.splunk.com/Documentation/Splunk/6.2.2/Viz/FormEditor I don't have answer for 2nd & 3rd question. But you can definitely refer to http://dev.splunk.com/java for more information.
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Event Series: Telemetry Pipeline Management

Balancing Scale and Spend: Gaining Control Over High-Volume Metrics in Splunk Observability Cloud As ...

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...

Deep insights, no barriers: Splunk Observability Cloud Free Edition

As software delivery cycles continue to accelerate, observability shouldn’t be a luxury — it should be a ...