Dashboards & Visualizations

Hi. I have a requirement where I have to build a custom Form on top of the Splunk. And I want this form data to be the input for Splunk. Is that possible with the Splunk? If so, can someone provide me the details regarding this.

madhavi24
New Member

Hi. I have a requirement where I have to build a custom Form on top of the Splunk. And I want this form data to be the input for Splunk. Is that possible with the Splunk? If so, can someone provide me the details regarding this.

Tags (1)
0 Karma

Raghav2384
Motivator

Adding a little to the wise words from @alacercogitatus, there are quite a few ways to this.

OP might have found a solution already. If anyone still stuck on this, below is one of the many ways to do it

  1. Have Tokens for your form Elements
  2. Anything user enters is stored in Token
  3. You can get really creative and do a search as

|makeresults
|eval Input1 = $token1$
|eval Input2 = $token2$
|eval Input3 = $token3$
|collect index= host= sourcetype=

All of these are part of core Splunk, no custom code. Read more about collect command here
https://docs.splunk.com/Documentation/SplunkCloud/8.0.2003/SearchReference/Collect

Hope this helps!

Thanks,
Raghav

0 Karma

alacercogitatus
SplunkTrust
SplunkTrust

the Splunk is near. the Splunk is sentient. the Splunk sees all, knows all, indexes all. the Splunk knows you, before you know you. Splunk has its APIs, they know more, before you know more. They are contained within: http://dev.splunk.com/view/sdks/SP-CAAADP7. Use the SDKs, and knowledge shall be transformed for you. Build your form, in the language that pleases you. Manipulate the data, send it to the Splunk, it shall consume your request, think upon it, and return results of wisdom. Your form displays the wisdom for all to see!

MarioM
Motivator

sorry but this is not clear what you looking to do... is it a form based on data indexed in splunk using splunk ui or is it your own application with a custom form querying Splunk ?

0 Karma
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...