Re: Cannot view Splunk dashboard from Distance

vkotagiri · ‎10-10-2013

Hi Splunk Support,

We Cofigured splunk dashboards on Monitors in our Cabin and will view it from our desk.. We cannot see the count from quite distance. is there any such color coding for Failures if they reach particular count so that we can alert once we see the color on the dashboard.?

alacercogitatus · ‎10-10-2013

Sure! You will need to use Single Values and a rangemap command. The full explanation is here http://docs.splunk.com/Documentation/Splunk/6.0/Viz/PanelreferenceforSimplifiedXML#single.

The rangemap command will tell the dashboard to color it Green, Yellow, or Red depending on the value of a calculated field.

Here is a sample:

<single> <searchString> YOUR_SEARCH | stats count as log_events | rangemap field=log_events low=1-100 elevated=101-300 default=severe </searchString> <title>Log events</title> <earliestTime>-1d</earliestTime> <latestTime>now</latestTime> <option name="classField">range</option> <option name="afterLabel">total logging events</option> <option name="beforeLabel">Found</option> </single>

ChrisG · ‎10-10-2013

classField should be range, as the example states. We did test this docs example before we published it.

sowings · ‎10-10-2013

I think it should be "range" (as that's what gets populated by rangemap).

alacercogitatus · ‎10-10-2013

If that is not correct, we need to ping the docs team, I pulled from the link for easy ref.

sowings · ‎10-10-2013

classField correct?

Cannot view Splunk dashboard from Distance

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Event Series: Telemetry Pipeline Management

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Deep insights, no barriers: Splunk Observability Cloud Free Edition

Join the Conversation