Dashboards & Visualizations
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Basic dashboards

adetheodore
Loves-to-Learn Lots
‎10-31-2021 05:57 PM

Hello guys... We need some help, as always. We are a bunch of noobs in Splunk and we want to create some basic dashboards about the local performance such as disk, cpu, memory... And dashboards about a few of the most importants event logs in windows. Any idea how to start? I've been reading docs, forums, etc. but it looks like since is too basic no one talks about it lol Hope you can give me a hand. We are using splunk enterprise on a local w10 machine just to get our hands dirt and learn the basics as you can see.

Thank you again and happy halloween!

Labels (2)
Labels
0 Karma
Reply

nhaq
Splunk Employee
Splunk Employee
‎01-06-2022 08:19 AM

Hi @adetheodore , 

 

Although this may not assist necessarily in the query-writing aspect of your question, we do provide some example dashboards with the product for Splunk Enterprise 8.2 and higher, in the Examples Hub, which you can find by going to the Dashboard listing page in Search and Reporting and clicking the link at the top.This is a collection of example dashboards for various use cases if you need help in terms of design, organization, and messaging for the dashboard. If you use one of these examples you can likely replace the searches with the correct ones necessary for your use case. Hopefully this can help in some aspects of your situation. 

0 Karma
Reply

vhharanpositka
Path Finder
‎10-31-2021 07:37 PM

Hi @adetheodore 

In Splunk Enterprise, you can use the "Splunk App for Infrastructure" for Windows Monitoring. 

APP URL: https://splunkbase.splunk.com/app/3975/

Installation Reference: https://docs.splunk.com/Documentation/InfraApp/2.2.4/Install/Install


If you are monitoring the local machine, then the "Monitoring Console" will provide the necessary details about the local machine metrics.

Reference: https://docs.splunk.com/Documentation/SplunkCloud/8.2.2109/Data/MonitorWindowsperformance#Enable_loc...

 

Thanks

0 Karma
Reply

adetheodore
Loves-to-Learn Lots
‎11-01-2021 03:17 PM

Hello!

The thing is that we're trying to display some dashboards about performance and logs but we don't know how to write a good query for that. We tried to use this app but with no luck.

0 Karma
Reply

SinghK
Builder
‎01-06-2022 09:26 AM

index = your index |table host, source, sourcetype, event_id,  message, type the fields you need here 

This will give you all the info and save this search as dashboard for windows event logs and that should do... 

Metrics (cpu,mem,disk)is totally diff story and will need more info before a query can be written.

 

 

 

0 Karma
Reply
Get Updates on the Splunk Community!

Developer Spotlight with Brett Adams

In our third Spotlight feature, we're excited to shine a light on Brett—a Splunk consultant, innovative ...

Index This | What can you do to make 55,555 equal 500?

April 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Say goodbye to manually analyzing phishing and malware threats with Splunk Attack ...

In today’s evolving threat landscape, we understand you’re constantly bombarded with phishing and malware ...
Top