Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to delete custom dashboard in a shcluster?

rtongue
Observer
‎01-09-2023 07:33 AM

Hi all, I am a very new Splunk admin, and am trying to peel back the onion on the previous admin's shenanigans in this Splunk environment. I have a "dashboard" that was created by a user in the "search" app, and they have requested that I delete the dashboard for them, as they cannot.  What is the proper way to do this? The only mention I can find of it is on all 3 search head peers under the path "/opt/splunk/etc/apps/search/local/data/ui/views/${dashboard_name}.xml"

I cannot find it on the cluster master, either in /etc/apps or /etc/shcluster/apps.  Please help me figure out what to do next.  Is it as simple as just removing that xml from all 3 search heads at the same time?  Thanks in advance. 

Labels (1)
Labels
0 Karma
Reply

rtongue
Observer
‎01-09-2023 07:54 AM

I am an admin, and the UI is missing the option to delete, which I thought was by design, guess not.  Also, I cannot find the same dashboard in the master (which is also the deployer). So not sure what to do. 

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎01-09-2023 08:40 AM

Interesting.  A dashboard in the local folder was created on one of the SHC nodes and should be deleteable using the UI.  Make sure your account has the admin_all_objects capability.

If you still can't do it in the UI then delete the file from all SHC member nodes and do a rolling restart of the cluster.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎01-09-2023 07:53 AM

As the admin, you may be able to delete the dashboard from the UI if the user cannot.

If your cluster manager is not also your SHC deployer then look on the deployer for the dashboard, remove it, then apply the shcluster bundle.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...