Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Create a dashboard for logs push to splunk on a regualar basis

mercy_esang
New Member
‎07-06-2022 10:12 AM

hello team,

i would like to create a dashboard for logs pushed splunk on a regular basis. how do i get a real-time dashboard, for both logs and alerts for applications running on azure/aws. i should be able to see this alerts and take remedy on that.

 

best regards,

mercy 

Labels (2)
Labels
0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎07-07-2022 12:34 AM

Hi @mercy_esang,

your question is just a little vague, and the answer could beonly one: you can use Splunk!

In other words, using Splunk you can index each kind of text log and show it in every kind od dashboard (scheduled o run time), Report or alert.

So, if you could share more details about your need, surely someone in the Community can help you.

In addition I hint to see the Splunk dashboard Examples App (https://splunkbase.splunk.com/app/1603/) that gives you examples about dashboarding and to see in the Splunkbase (apps.splunk.com) if there's (probably yes) an app to ingest and show the logs from the technology you're using.

Ciao.

Giuseppe

0 Karma
Reply

mercy_esang
New Member
‎07-07-2022 03:49 AM

Hi Gcusello,

thanks for the input.

i have  VM logs pushed to blob storage, from there splunk access the logs. these logs are pushed every 15mins to Splunk, there is no data/metrics to account for this.  for example, if the VM is deleted( this is a problem), i am looking to have a real time query/dashboard that show me a summary of live VM`s, the last log that was push before the VM was destroyed as i believe the dashboard should provide me metrics so i can analyse further,. Again can this process be automated, rather than manually running this query to get the dashboard displayed.

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎07-07-2022 06:34 AM

Hi @mercy_esang,

as I said, the first try is search for an existing App for your technology, otherwise, you have to make all the steps I described and it's really difficoult to guide you.

Anyway, have you already ingested logs or have you to make also this step?

Could you share some sample of your logs highlighting the relevant information e.g. an error message or something that permits to identify a fault.

Ciao.

Giuseppe

0 Karma
Reply
Get Updates on the Splunk Community!

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...