Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Can you help solve a problem I'm having with a custom visualization that returns over 50k search results?

SK8
Explorer
‎09-19-2018 01:14 AM

Hello,

I have a problem with a custom visualization. This gets a large amount of results (over 50k). I retrieve them with this example from the following blog Post (https://www.splunk.com/blog/2016/04/11/show-me-your-viz.html), just like in section 3b.

For the initial call it works fine, too.

However, there is a problem with an installation in a dashboard with filters. If the first result is above the chunk size, the offset is increased with UpdateDataParams. If I then limit the search further with the filters so that the quantity is below the previous chunk size, then I get the display "No results found." But there are still results. The Custom Visualization doesn't come into the UpdateView method anymore, because — probably — the current offset is higher than the current result set.

So how can I set the offset back to 0?

Reply

SK8
Explorer
‎10-10-2018 03:37 AM

We've identified the problem. We are currently working in this project with Splunk version 6.6.2. In this version this error occurs when chunking. In previous (6.5.2) and subsequent versions (7.1.0) it is no problem with our implementation. So there will be an internal splunk problem in this version.

0 Karma
Reply
Get Updates on the Splunk Community!

Using Machine Learning for Hunting Security Threats

WATCH NOW Seeing the exponential hike in global cyber threat spectrum, organizations are now striving more for ...

Observability Newsletter Highlights | March 2023

 March 2023 | Check out the latest and greatestSplunk APM's New Tag Filter ExperienceSplunk APM has updated ...

Security Newsletter Updates | March 2023

 March 2023 | Check out the latest and greatestUnify Your Security Operations with Splunk Mission Control The ...