Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to fill text box and write to external file through dashboard form input

lies2yk
Observer
‎09-16-2014 03:19 AM

Hi all,
i need to give possibility to users to fill two text box and then write the value in one external lookup file put in the lookup directory
The form dashboard is quite simply: [TEXT-BOX1] [TEXT-BOX2] SubmitButton

I read this post:
http://answers.splunk.com/answers/64502/i-want-to-modify-lookup-file-directly-through-the-dashboard....
but i'm not familiar with python so that is what i do:

1) I create a simple script called input.py and put in bin/ directory:

input1 = input(test1)
input2 = input(test2)
#file = open("/opt/splunk/etc/apps/<myApp>/lookups/testinput.csv", "w")
file.write(input1 + "," + input2 + "\n") #still the \n for separating lines in the file
file.write("\n".join((input1,input2,)))
file.close()

2) I create a commands.conf and put in local/ directory

 [input]
 filename = /opt/splunk/etc/apps/<myApp>/bin/input.py

Now the questions are:
1) Is correct the script as i wrote? (if not, please can indicate me how i write the correct code)
2) How i can recall the stanza in my dashboard form?
The code of the dashboard is:

<form>
  <label>Input Form</label>
  <fieldset submitButton="true" autoRun="false">
    <input type="text" token="input1">
      <label>INPUT 1</label>
    </input>
    <input type="text" token="input2">
      <label>INPUT2</label>
    </input>
  </fieldset>
</form>

Thank you for your support

0 Karma
Reply

aagro
Path Finder
‎01-15-2016 03:00 AM

Under the statment xml fieldset declaration, you have to insert the search via your phyton script :

<form>
   <label>Input Form</label>
   <fieldset submitButton="true" autoRun="false">
     <input type="text" token="input1">
       <label>INPUT 1</label>
     </input>
   <input type="text" token="input2">
       <label>INPUT2</label>
   </input>
  </fieldset>
\</form>
#####   HERE INSERT THE SEARCH VIA PYTHON SCRIPT
<search>
    <query>|  input  "$input1$" "$input2$"</query>  
    <earliest></earliest>
    <latest></latest>
</search>

Regards,
Antonio

Reply

martin_mueller
SplunkTrust
SplunkTrust
‎09-16-2014 03:41 AM

Have you considered using a combination of the inputlookup and outputlookup search commands?

Here's a detailed example: http://blogs.splunk.com/2011/01/11/maintaining-state-of-the-union/

Additionally, if you're just looking for a way to edit lookups through the UI, take a look at Luke's Lookup File Editor app at http://apps.splunk.com/app/1724/

0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...