Dashboards & Visualizations

Is it possible to create a dashboard that accepts text and creates a searchable log based on the input?

EdgarAllenProse
Path Finder

I am trying to figure out how to create a dashboard that essentially creates a log that is searchable based on the input.

Example:

There are 4 input boxes and a submit button.

1st text box:
Date: | user inputs a date |

2nd text box:
Source IP: | user inputs the source IP they are looking at |

3rd text box:
Port: | user inputs a port number |

4th text box:
Notes: | a box where the user can type in generic notes |

So after those are filled out and the user hits submit, a log is generated that might look like this when queried:

LOG:

 date: 11/23/2016 13:09, Source IP: 192.168.1.1, Port: 443, Notes: "I looked at a thing today, and this is some data I collected. It probably means nothing, but here it is."

Are there any docs, references, or answers that might point me in the right direction?

0 Karma
1 Solution

bshuler_splunk
Splunk Employee

This lets you use JavaScript to log data to Splunk: http://dev.splunk.com/view/splunk-logging-javascript/SP-CAAAE6U
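
An added example, not part of the original answer and not Splunk's own code: one way to validate the four dashboard inputs from the question and turn them into a single structured event for the HTTP Event Collector, which is where the linked library sends its data. The field names `src_ip`, `port` and `notes`, the `analyst:note` sourcetype and the helper names are assumptions; actually sending the payload is left to the library.

```javascript
// Added example. Field names, sourcetype and helper names are assumptions.
const IPV4 = /^(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}$/;
const DATE = /^(\d{2})\/(\d{2})\/(\d{4}) (\d{2}):(\d{2})$/; // MM/DD/YYYY HH:MM, as in the question

// Convert the date box to epoch seconds (read as UTC); null if it is not a real date.
function parseDate(text) {
  const m = DATE.exec(text);
  if (!m) return null;
  const [mo, d, y, h, mi] = m.slice(1).map(Number);
  const t = new Date(Date.UTC(y, mo - 1, d, h, mi));
  // Date.UTC silently rolls 02/31 or 25:00 forward, so compare the parts back.
  const same = t.getUTCFullYear() === y && t.getUTCMonth() === mo - 1 &&
               t.getUTCDate() === d && t.getUTCHours() === h && t.getUTCMinutes() === mi;
  return same ? t.getTime() / 1000 : null;
}

// Validate the four inputs and return one HTTP Event Collector event object.
// Throws instead of indexing something malformed.
function buildEvent(form) {
  const time = parseDate(String(form.date).trim());
  if (time === null) throw new Error("date must be MM/DD/YYYY HH:MM");
  const srcIp = String(form.srcIp).trim();
  if (!IPV4.test(srcIp)) throw new Error("source IP must be dotted IPv4");
  const portText = String(form.port).trim();
  if (!/^\d{1,5}$/.test(portText) || Number(portText) > 65535) {
    throw new Error("port must be 0-65535");
  }
  // Notes stay free text, but control characters (newlines included) become
  // spaces so one submission is one event and cannot fake extra log lines.
  const notes = String(form.notes).replace(/[\u0000-\u001f\u007f]+/g, " ")
    .trim().slice(0, 2000);
  // Structured fields: text typed into notes can never overwrite src_ip or port.
  return { time, sourcetype: "analyst:note",
           event: { src_ip: srcIp, port: Number(portText), notes } };
}

// Constructed sample input, based on the log line in the question.
const sample = buildEvent({
  date: "11/23/2016 13:09", srcIp: "192.168.1.1", port: "443",
  notes: "I looked at a thing today.\nSource IP: 10.0.0.1, Port: 22",
});
console.log(JSON.stringify(sample)); // request body for the collector
```

A collector token placed in dashboard JavaScript is readable by every user who can open the dashboard, so restrict that token to a dedicated index.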

EdgarAllenProse
Path Finder

Sorry for the late response! So this seems close to what I am trying to do. However, does this work to create a dashboard within Splunk that creates logs based off of input in the dashboard? It seems like this is more geared to creating logs from external apps.

0 Karma

sundareshr
Legend

EdgarAllenProse
Path Finder

This was helpful for understanding token usage, but what I am trying to do is create a specific log within Splunk. So the input fields aren't used to perform a search, but rather create a combined log that is ultimately queryable. Thank you for a good doc to throw in my bookmarks though!

Do you know any other resources more specific to creating logs within Splunk?

0 Karma