Dashboards & Visualizations
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Cannot view Splunk dashboard from Distance

vkotagiri
New Member
‎10-10-2013 05:09 AM

Hi Splunk Support,

We Cofigured splunk dashboards on Monitors in our Cabin and will view it from our desk.. We cannot see the count from quite distance. is there any such color coding for Failures if they reach particular count so that we can alert once we see the color on the dashboard.?

Tags (1)
0 Karma
Reply

alacercogitatus
SplunkTrust
SplunkTrust
‎10-10-2013 05:30 AM

Sure! You will need to use Single Values and a rangemap command. The full explanation is here http://docs.splunk.com/Documentation/Splunk/6.0/Viz/PanelreferenceforSimplifiedXML#single.

The rangemap command will tell the dashboard to color it Green, Yellow, or Red depending on the value of a calculated field.

Here is a sample:

<single>
<searchString>
YOUR_SEARCH | stats count as log_events
| rangemap field=log_events low=1-100 elevated=101-300 default=severe
</searchString>
<title>Log events</title>
<earliestTime>-1d</earliestTime>
<latestTime>now</latestTime>
<option name="classField">range</option>
<option name="afterLabel">total logging events</option>
<option name="beforeLabel">Found</option>
</single>

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎10-10-2013 10:58 AM

classField should be range, as the example states. We did test this docs example before we published it.

0 Karma
Reply

sowings
Splunk Employee
Splunk Employee
‎10-10-2013 06:37 AM

I think it should be "range" (as that's what gets populated by rangemap).

0 Karma
Reply

alacercogitatus
SplunkTrust
SplunkTrust
‎10-10-2013 05:54 AM

If that is not correct, we need to ping the docs team, I pulled from the link for easy ref.

0 Karma
Reply

sowings
Splunk Employee
Splunk Employee
‎10-10-2013 05:53 AM

classField correct?

0 Karma
Reply
Get Updates on the Splunk Community!

What the End of Support for Splunk Add-on Builder Means for You

Hello Splunk Community! We want to share an important update regarding the future of the Splunk Add-on Builder ...

Solve, Learn, Repeat: New Puzzle Channel Now Live

Welcome to the Splunk Puzzle PlaygroundIf you are anything like me, you love to solve problems, and what ...

Building Reliable Asset and Identity Frameworks in Splunk ES

 Accurate asset and identity resolution is the backbone of security operations. Without it, alerts are ...