How to create an alert for dashboard/panels are no...

pradeepkm · ‎05-31-2022

We had instances where dashboard was not updating. I would like to create an alert if dashboard/panels are not updating. How do i achieve this. Please help

gcusello · ‎05-31-2022

Hi @pradeepkm,

as @richgalloway said, in Splunk you don't have a great visibility about dashboard updating because it isn't a transactional system, but you could move your check to the presence of updated data, e.g. if you want to check that there are new data in the last 10 minutes to display in a dashboard, you could run something like this:

index=your_index earliest=-10m@m latest=now

the alert condition is "no results".

Ciao.

Giuseppe

richgalloway · ‎05-31-2022

AFAIK, Splunk has very little visibility into a running dashboard. The internal logs will show when the dashboard is first opened by a user. They'll also show the searches run by the dashboard, but, regrettably, those searches are not linked to the dashboard itself. I think you'll have to rely on users reporting the dashboard is not updating.

---
If this reply helps you, Karma would be appreciated.

How to create an alert for dashboard/panels are not updating?

Dashboard Studio

panel

Index This | Why did the turkey cross the road?

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

Feel the Splunk Love: Real Stories from Real Customers

Are you a member of the Splunk Community?