Re: Dashboard to track server status

sizemorejm · ‎07-20-2023

Hello,

I am attempting to make a dashboard that will simply show if a host/server is up or down. Basically have a box that is green or red for each server. Most threads I have seen are fairly old so I am hoping there is a an easier way to show this in either XML or in Dashboard Studio.

Thanks

meetmshah · ‎07-21-2023

Hello @sizemorejm,

Yes, I have just provided a demo server in the XML file and have used the makeresults command to have a dummy value available.

In an actual environment, you will need to get the status and update the colours based on the values. Do you need assistance with writing the actual search? If so, can you provide additional information like sample events etc.?

sizemorejm · ‎07-21-2023

Some events I have are "cpu" and "vmstat"

sizemorejm · ‎07-21-2023

Im using the Unix and Linux Add-On overview if that helps

meetmshah · ‎07-21-2023

Can you please share search / Dashboard XML?

sizemorejm · ‎07-21-2023

I have nothing different from what you linked initially , the only issue i am having is to configure a search to determine the status, should I use a metric that monitors CPU usage and determine the status based on that?

sizemorejm · ‎07-21-2023

Do you have a suggestion for a metric to monitor to determine if a host is up/down?

meetmshah · ‎07-21-2023

I believe "script://./bin/uptime.sh" inputs would help you.

meetmshah · ‎07-20-2023

Hello @sizemorejm,

You can get the results in the table format and use Color formatting with static values like below -

Here is the demo XML -

<dashboard version="1.1">
  <label>Test1</label>
  <row>
    <panel>
      <table>
        <search>
          <query>| makeresults
| eval host="abc", status="active"</query>
          <earliest>-24h@h</earliest>
          <latest>now</latest>
          <sampleRatio>1</sampleRatio>
        </search>
        <option name="count">100</option>
        <option name="dataOverlayMode">none</option>
        <option name="drilldown">none</option>
        <option name="percentagesRow">false</option>
        <option name="rowNumbers">false</option>
        <option name="totalsRow">false</option>
        <option name="wrap">true</option>
        <format type="color" field="status">
          <colorPalette type="map">{"active":#118832,"inactive":#115BAD}</colorPalette>
        </format>
      </table>
    </panel>
  </row>
</dashboard>

Please accept the solution and hit Karma, if this helps!

sizemorejm · ‎07-21-2023

I am trying to test this code out for hosts that I know are active and inactive and it can not tell if a server is inactive. is this because of the search?

sizemorejm · ‎07-21-2023

I am not sure if I am misunderstand or not but is this search causing it to automatically assume the server is active?

Dashboard to track server status

dashboard

single value

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Are you a member of the Splunk Community?