Solved: Is it possible to create a dashboard with chart wh...

oriches · ‎07-08-2013

I want to create a dashboard where I can change the 'SessionId' in the following query, ideally I want to be able to select one from a dropdown list and the chart would refresh.

host="jedi-sit2" SessionId=7e88e1f8-f06c-4950-bedc-97b2ad51d0e6 | timechart mode(ui_process_memory)

Is this possible?

linu1988 · ‎07-08-2013

Please refer to Splunk UI examples APP / Sideview Utils APP.
You can create dashboards with pulldown /dropdown modules to fill your session ids. Then pass the variable to the search in the dashboard panel. Thanks.

http://docs.splunk.com/Documentation/Splunk/latest/Viz/Exampledashboard

aholzer · ‎07-08-2013

As @linu1988 said, Sideview Utils is a really powerful tool that you can use to make sophisticated dashboards and I highly recommend it.

If you are looking for something quicker, you may want to look into the Splunk views called "forms" that come included in the base splunk. They allow you to define dashboards with user inputs.

Sideview Utils has tools that allow you to do the same thing, and in the long term is a better/more robust solution, but if you are just looking for a quick answer, the keyword you are looking for is "form". "Splunk form".

oriches · ‎07-08-2013

Where can I find out more about 'Sideview Utils'?

We have a licensed version of splunk

linu1988 · ‎07-08-2013

http://splunk-base.splunk.com/apps/36405/sideview-utils-lgpl.

Please see the usage terms and conditions. But for reference it's the best

nfilippi_splunk · ‎07-08-2013

You can achieve this through simple xml forms. Here's an example of what it might look like, where there is a dropdown of available session ids that is populated by a Splunk search.

For more information/examples on forms, here's a link to the docs:
http://docs.splunk.com/Documentation/Splunk/latest/Viz/Exampleform

<form>
  <label>session_id_search</label>
  <fieldset>
      <input type="dropdown" token="session_id">
          <label>Session ID:</label>
          <populatingSearch fieldForValue="SessionID" fieldForLabel="SessionID" earliest="-7d@d" latest="now">host="jedi-sit2"
| dedup SessionID</populatingSearch>
      </input>
  </fieldset>
  <row>
    <chart>
      <searchString>host="jedi-sit2" SessionId="$session_id$" | timechart mode(ui_process_memory)</searchString>
      <title>Memory Usage</title>
      <option name="charting.chart">line</option>
      <earliestTime>-7d@d</earliestTime>
      <latestTime>now</latestTime>
    </chart>
  </row>
</form>

View solution in original post

sideview · ‎07-09-2013

Note that the latest Sideview Utils is 2.5 and while it's also available under a free license, you have to get it from the Sideview site at http://sideviewapps.com/apps/sideview-utils/ The LGPL version linked to is a much older version (1.3.5). There have been an enormous number of improvements, new features and bugfixes since 1.3.5 so make sure you're on the latest.

Is it possible to create a dashboard with chart where a value is configurable by the user

Re: Is it possible to create a dashboard with chart where a value is configurable by the user

Re: Is it possible to create a dashboard with chart where a value is configurable by the user

Re: Is it possible to create a dashboard with chart where a value is configurable by the user

Re: Is it possible to create a dashboard with chart where a value is configurable by the user

Re: Is it possible to create a dashboard with chart where a value is configurable by the user

Re: Is it possible to create a dashboard with chart where a value is configurable by the user