Dashboards & Visualizations

How to create a dashboard with charts to monitor web service metrics?

pankajad
Explorer

I'm new to Splunk and trying to create a dashboard for a web service. I'm looking for a metrics/chart for multiple web service methods, their http status code on the last one hour/last one day.

  • method endpoint (for e.g. - getAppointment, createAppointment, deleteAppointment)
  • Http Status Code (for e.g. - 200, 400, 500)
  • Date/Time (for e.g. - 09/09/15 3 PM, 09/09/15 2 PM etc or any other format like last one hour etc)

Here is the log sample:

2015-09-09 16:43:35.44 thread=http-nio-8080-exec-1 level=INFO class=AppointmentResource -
Endpoint=/appointment/batch , Http_status_code=200

2015-09-09 16:43:35.419 thread=http-nio-8080-exec-1 level=INFO class=AppointmentResource -
Endpoint=/appointment/batch , Http_status_code=200
2015-09-09 16:43:35.419 thread=http-nio-8080-exec-1 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 16:43:35.418 thread=http-nio-8080-exec-1 level=INFO class=AppointmentResource -
Endpoint=/appointment/batch , Http_status_code=400
2015-09-09 16:43:35.417 thread=http-nio-8080-exec-1 level=INFO class=AppointmentResource -
Endpoint=/appointment/batch , Http_status_code=500
2015-09-09 16:43:35.415 thread=http-nio-8080-exec-1 level=INFO class=AppointmentResource -
Endpoint=/appointment/batch , Http_status_code=500
2015-09-09 16:43:35.413 thread=http-nio-8080-exec-1 level=INFO class=AppointmentResource -
Endpoint=/appointment/batch , Http_status_code=200
2015-09-09 16:43:35.412 thread=http-nio-8080-exec-1 level=INFO class=AppointmentResource -
Endpoint=/appointment/batch , Http_status_code=400
2015-09-09 16:43:35.411 thread=http-nio-8080-exec-1 level=INFO class=AppointmentResource -
Endpoint=/appointment/batch , Http_status_code=500
2015-09-09 16:40:45.258 thread=http-nio-8080-exec-2 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 16:39:39.133 thread=http-nio-8080-exec-1 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 15:05:52.968 thread=http-nio-8080-exec-2 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 15:05:36.426 thread=http-nio-8080-exec-1 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 14:57:27.964 thread=http-nio-8080-exec-1 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 14:47:31.578 thread=http-nio-8080-exec-1 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 14:47:31.578 thread=http-nio-8080-exec-1 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 14:47:25.005 thread=http-nio-8080-exec-10 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=500
2015-09-09 14:47:25.005 thread=http-nio-8080-exec-10 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=500
2015-09-09 14:47:23.409 thread=http-nio-8080-exec-9 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=500
2015-09-09 14:47:23.409 thread=http-nio-8080-exec-9 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=500
2015-09-09 14:47:22.270 thread=http-nio-8080-exec-8 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=500
2015-09-09 14:47:22.270 thread=http-nio-8080-exec-8 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=500
2015-09-09 14:47:15.296 thread=http-nio-8080-exec-7 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 14:47:15.296 thread=http-nio-8080-exec-7 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 14:47:11.103 thread=http-nio-8080-exec-6 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=400
2015-09-09 14:47:11.103 thread=http-nio-8080-exec-6 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=400
2015-09-09 14:47:09.254 thread=http-nio-8080-exec-5 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=400
2015-09-09 14:47:09.254 thread=http-nio-8080-exec-5 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=400
2015-09-09 14:47:04.532 thread=http-nio-8080-exec-4 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 14:47:04.532 thread=http-nio-8080-exec-4 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 14:47:03.147 thread=http-nio-8080-exec-3 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 14:47:03.147 thread=http-nio-8080-exec-3 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 14:47:01.683 thread=http-nio-8080-exec-2 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 14:47:01.683 thread=http-nio-8080-exec-2 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 14:46:58.344 thread=http-nio-8080-exec-1 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200
2015-09-09 14:46:58.344 thread=http-nio-8080-exec-1 level=INFO class=AppointmentResource -
Endpoint=/appointment/{appointmentId} , Http_status_code=200

0 Karma
1 Solution

woodcock
Esteemed Legend

Like this:

... earliest=-1h@h latest=now | chart count OVER Http_status_code BY Endpoint useother=f

... earliest=-1d@d latest=now | chart count OVER Http_status_code BY Endpoint useother=f

View solution in original post

0 Karma

woodcock
Esteemed Legend

Like this:

... earliest=-1h@h latest=now | chart count OVER Http_status_code BY Endpoint useother=f

... earliest=-1d@d latest=now | chart count OVER Http_status_code BY Endpoint useother=f
0 Karma

woodcock
Esteemed Legend

Show us sample log data.

0 Karma

pankajad
Explorer

I have added the sample log to the question.

0 Karma
Get Updates on the Splunk Community!

NEW! Log Views in Splunk Observability Dashboards Gives Context From a Single Page

Today, Splunk Observability releases log views, a new feature for users to add their logs data from Splunk Log ...

Last Chance to Submit Your Paper For BSides Splunk - Deadline is August 12th!

Hello everyone! Don't wait to submit - The deadline is August 12th! We have truly missed the community so ...

Ready, Set, SOAR: How Utility Apps Can Up Level Your Playbooks!

 WATCH NOW Powering your capabilities has never been so easy with ready-made Splunk® SOAR Utility Apps. Parse ...