Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Generate text who including result

gamsecurity
Explorer
‎05-13-2020 06:01 AM

Hi,

In a dashboard we have a form with two inputs (email & subject).
We are looking for generate a text in this dashboard who including result from search.

For example a simple search :

index=myindex src=$email$ message_subject=$msg_sub$ | stats count(recipients) by src

this search will be used to generate a text in a dashboard :

" Sed et eros bibendum, fermentum nibh volutpat, convallis lorem. Nunc in dignissim lacus. Integer sodales tristique ultricies. In porta condimentum neque eget gravida. Sed magna dolor, laoreet non tortor sed, feugiat varius lacus. Donec semper hendrerit orci ac sodales. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Etiam mollis id augue non laoreet.

Etiam porttitor magna $email$ suscipit tortor luctus dignissim $msg_sub$

Morbi sit amet neque ipsum. Nam rhoncus dui nec neque bibendum commodo. Maecenas consequat imperdiet nisl a accumsan. Aenean pellentesque, justo sed elementum porta, nisl sem suscipit leo, quis consequat sapien velit et mi. Vivamus varius auctor risus, elementum pharetra nisl malesuada ut. Duis malesuada sollicitudin dignissim. In lacinia sagittis urna quis sollicitudin. Pellentesque a enim ultricies, blandit dui sit amet, tincidunt est."

A function/method exist to do that ?

Thanks for your help.

Labels (1)
Labels
0 Karma
Reply

niketn
Legend
‎06-23-2020 12:30 AM

@gamsecurity please add more details on where is the message coming from? From looks of it seems possible through SPL. Also please add more context for your requirement for the community to assist you better.

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma
Reply

gamsecurity
Explorer
‎06-24-2020 12:17 AM

Hey,

 

Thanks for your awnser, I'll try to be as  clearest as possible.

We have data who are incomming from 2 differents index (microsoft exchange, and postfix(smtp)) and we need to generate a text with somes extracted fields  from these index.

For example, a search who find phishing mail will return only mail addresses, subject and co... 
We need to include this mail address and subject on a simple text.

For now, the search work, but we need to include our results in a text to warn our user by mail.

I hope it's clear for you.

Best regards.

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...