Solved: Can we color the table cell text display by Simple...

disha · ‎09-28-2012

Right now I have my search like this

my search..| stats list(EventID), list(Time), list(EventDescription) by CustID

So in the result table it is showing more than one (group of) values of time,eventid and eventdescription for each customer (This is what my search doing)
Now if I have three times per customer I need to display them in different color. How to achieve that. Any thoughts?

sideview · ‎10-08-2012

With Sideview Utils 2.2 this is quite easy.

Here's an example using the internal metrics data.

In this example I construct the row class simply as "hasN", where N is the number of distinct values.

Step 1. Define the CSS in your app, or use an HTML module to embed the CSS right into your page.

tr.has5 td {
  background-color:#eeeeee;
  color:white;
}
tr.has4 td {
  background-color:#eeeeee;
  color:white;
}
tr.has3 td {
  background-color:#ddd;
  color:white;
}
tr.has2 td {
  background-color:#ccc;
  color:white;
}

Step 2. Here is the XML config. Note that the actual Table module's config is extremely simple here.

<module name="Search">
  <param name="search"><![CDATA[
    index=_internal source="*metrics.log" group="per_*_thruput" | head 1000 | stats dc(series) as seriesCount values(series) as seriesValues by group
  ]]></param>
  <module name="Pager">
    <module name="Table">
      <param name="hiddenFields">seriesCount</param>
      <param name="rowClass">has$row.fields.seriesCount$</param>
    </module>
  </module>

I hope this makes sense.

Of course, it's a deliberately simple example. In your actual version you might NOT want to simply put the distinct-count number right into the rowClass directly like this.

Instead you could use the search language to create a field whose value was either "low", or "medium", or "high". (The rangemap command is particularly good at doing this).

Then you would have that field name in your Table's "hiddenFields" param, and reference that field as the value of the rowClass param.

The advantage there is that you could only define a couple colors in the CSS, and you could have a fallback value, etc.

Get Sideview Utils 2.2 from the sideview site

View solution in original post

sideview · ‎10-08-2012

With Sideview Utils 2.2 this is quite easy.

Here's an example using the internal metrics data.

In this example I construct the row class simply as "hasN", where N is the number of distinct values.

Step 1. Define the CSS in your app, or use an HTML module to embed the CSS right into your page.

tr.has5 td {
  background-color:#eeeeee;
  color:white;
}
tr.has4 td {
  background-color:#eeeeee;
  color:white;
}
tr.has3 td {
  background-color:#ddd;
  color:white;
}
tr.has2 td {
  background-color:#ccc;
  color:white;
}

Step 2. Here is the XML config. Note that the actual Table module's config is extremely simple here.

<module name="Search">
  <param name="search"><![CDATA[
    index=_internal source="*metrics.log" group="per_*_thruput" | head 1000 | stats dc(series) as seriesCount values(series) as seriesValues by group
  ]]></param>
  <module name="Pager">
    <module name="Table">
      <param name="hiddenFields">seriesCount</param>
      <param name="rowClass">has$row.fields.seriesCount$</param>
    </module>
  </module>

I hope this makes sense.

Of course, it's a deliberately simple example. In your actual version you might NOT want to simply put the distinct-count number right into the rowClass directly like this.

Instead you could use the search language to create a field whose value was either "low", or "medium", or "high". (The rangemap command is particularly good at doing this).

Then you would have that field name in your Table's "hiddenFields" param, and reference that field as the value of the rowClass param.

The advantage there is that you could only define a couple colors in the CSS, and you could have a fallback value, etc.

Get Sideview Utils 2.2 from the sideview site

Simon · ‎10-10-2012

That was awesome easy, thank you!!

sideview · ‎10-09-2012

You would just add the range field to the "hiddenFields" param. That's all.

Simon · ‎10-09-2012

Hi Nick
Thanks for your example, I'm looking forward to give a try with 2.2.
Do you have an example where I color rows based on a range but without showing the "range" field in my table, when using rangemap?
Thanks
Simon

disha · ‎10-08-2012

Hi Nick,
Sideview 2.2 is out. Can you please help me out now.
Thanks,

Simon · ‎09-29-2012

You can achieve this also with a bit of javascript, see http://splunk-base.splunk.com/answers/42994/advanced-xml-highlight-certain-values-in-a-table-not-num...
There are example either to color an entire row or a single cell.

Drainy · ‎10-01-2012

I second that the link should be perfect for your needs 🙂

sideview · ‎09-28-2012

This is quite easy with the Sideview Table module, and requires no custom code. However the Table module is not released yet so I'll try and come back and answer it in a week or two after it's released. If you want to try out an early version and let me know how it works for your use cases, email me at nick@sideviewapps.com

Can we color the table cell text display by SimpleResultsTable module in Splunk

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!