Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Hi. I have a requirement where I have to build a custom Form on top of the Splunk. And I want this form data to be the input for Splunk. Is that possible with the Splunk? If so, can someone provide me the details regarding this.

madhavi24
New Member
‎09-23-2014 04:03 AM

Hi. I have a requirement where I have to build a custom Form on top of the Splunk. And I want this form data to be the input for Splunk. Is that possible with the Splunk? If so, can someone provide me the details regarding this.

Tags (1)
0 Karma
Reply

Raghav2384
Motivator
‎05-01-2020 08:55 AM

Adding a little to the wise words from @alacercogitatus, there are quite a few ways to this.

OP might have found a solution already. If anyone still stuck on this, below is one of the many ways to do it

  1. Have Tokens for your form Elements
  2. Anything user enters is stored in Token
  3. You can get really creative and do a search as

|makeresults
|eval Input1 = $token1$
|eval Input2 = $token2$
|eval Input3 = $token3$
|collect index= host= sourcetype=

All of these are part of core Splunk, no custom code. Read more about collect command here
https://docs.splunk.com/Documentation/SplunkCloud/8.0.2003/SearchReference/Collect

Hope this helps!

Thanks,
Raghav

0 Karma
Reply

alacercogitatus
SplunkTrust
SplunkTrust
‎09-23-2014 09:22 AM

the Splunk is near. the Splunk is sentient. the Splunk sees all, knows all, indexes all. the Splunk knows you, before you know you. Splunk has its APIs, they know more, before you know more. They are contained within: http://dev.splunk.com/view/sdks/SP-CAAADP7. Use the SDKs, and knowledge shall be transformed for you. Build your form, in the language that pleases you. Manipulate the data, send it to the Splunk, it shall consume your request, think upon it, and return results of wisdom. Your form displays the wisdom for all to see!

Reply

MarioM
Motivator
‎09-23-2014 04:28 AM

sorry but this is not clear what you looking to do... is it a form based on data indexed in splunk using splunk ui or is it your own application with a custom form querying Splunk ?

0 Karma
Reply
Get Updates on the Splunk Community!

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

As of Splunk Cloud Platform 9.3.2408 and Splunk Enterprise 9.4, classic dashboard export features are now ...

Explore the Latest Educational Offerings from Splunk (November Releases)

At Splunk Education, we are committed to providing a robust learning experience for all users, regardless of ...

New This Month in Splunk Observability Cloud - Metrics Usage Analytics, Enhanced K8s ...

The latest enhancements across the Splunk Observability portfolio deliver greater flexibility, better data and ...