Dashboards & Visualizations

Create a Dashboard With a List of Alerts or Reports

SplunkLunk
Path Finder

So according to our admins there isn't an easy way to nest alerts on the "Alerts" page. I have a number of departmental alerts and I just have to keep scrolling down to get to some of them. I start each alert using a naming convention so they are grouped on the page, but it's annoying to scroll through dozens of alerts. Is there a way to create a dashboard I can lump each area's alerts into a panel that I can click on? So alerts for "Marketing" in one panel. Alerts for "IT" in another panel. It would just be easier for me to navigate alerts for specific areas that way. Thanks.

Tags (1)
0 Karma

mayurr98
Super Champion

Try this search : | rest /services/saved/searches | table title

<dashboard>
  <label>test1</label>
  <row>
    <panel>
      <table>
        <search>
          <query>| rest /services/saved/searches | table title</query>
          <earliest>0</earliest>
          <sampleRatio>1</sampleRatio>
        </search>
        <option name="count">20</option>
        <option name="dataOverlayMode">none</option>
        <option name="drilldown">cell</option>
        <option name="percentagesRow">false</option>
        <option name="rowNumbers">false</option>
        <option name="totalsRow">false</option>
        <option name="wrap">true</option>
        <drilldown>
          <link target="_blank">alert?s=%2FservicesNS%2Fnobody%app_name%2Fsaved%2Fsearches%2F$click.value$</link>
        </drilldown>
      </table>
    </panel>
  </row>
</dashboard>

This will give you list of all saved searches which you can point to specific alert using dashboard drilldown.

The drilldown is

<link target="_blank">alert?s=%2FservicesNS%2Fnobody%app_name%2Fsaved%2Fsearches%2F$click.value$</link>

You need to find the link and paste it.

0 Karma
Get Updates on the Splunk Community!

See just what you’ve been missing | Observability tracks at Splunk University

Looking to sharpen your observability skills so you can better understand how to collect and analyze data from ...

Weezer at .conf25? Say it ain’t so!

Hello Splunkers, The countdown to .conf25 is on-and we've just turned up the volume! We're thrilled to ...

How SC4S Makes Suricata Logs Ingestion Simple

Network security monitoring has become increasingly critical for organizations of all sizes. Splunk has ...