Dashboards & Visualizations
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Need a query /dashboard that shows hostnames from /var/log/messages

dops1992
New Member
‎06-12-2018 05:21 PM

We have an index called syslog and we want to capture certain errors and report them in a dashboard with a graph as well as a table below that . Was wondering how to do that . I tried to add a dashboard and a panel but it only shows the graph.

Example

index=log host=pprdabcdek01 "reports path is down" this works great for one host
index=log host=pprd*k* OR host=pprd***l "tur checker reports path is down"| timechart count by host (This also works great but not sure if it is efficient) . Woudl like a better query that will cover more hosts like
pprdefghk01 or pprdabcask04 or pprderedbl01 or pprdrrsasl04 etc .....

Tags (1)
0 Karma
Reply

martin_mueller
SplunkTrust
SplunkTrust
‎06-13-2018 09:41 AM

The easy option would be to cover all hosts, and remove the host= filter.

If you only want to view a set of hosts I'd recommend storing that set in a lookup file, and either filtering by an automatic lookup output field or using a subsearch like index=log [inputlookup that_lookup | fields host] ....

0 Karma
Reply
Get Updates on the Splunk Community!

Data Management Digest – November 2025

  Welcome to the inaugural edition of Data Management Digest! As your trusted partner in data innovation, the ...

Splunk Mobile: Your Brand-New Home Screen

Meet Your New Mobile Hub  Hello Splunk Community!  Staying connected to your data—no matter where you are—is ...

Introducing Value Insights (Beta): Understand the Business Impact your organization ...

Real progress on your strategic priorities starts with knowing the business outcomes your teams are delivering ...