Need to create dynamic dashboard with three parame...

N300853 · ‎04-20-2017

I need to create a dynamic dashboard with both individual view and cumulative view for the below requirement
Need to consolidate the API list name with its result and its time
API_Name | Scheduler Run results Date/Time Fail Pass
Assest API | Pass | 04/14/2017 11.30 AM | 0| 1
Membership API | Pass | 04/14/2017 11.30 AM | 0 |1
Plan sponsor API | Pass | 04/14/2017 11.30 AM |0 |1
Assest API | Fail | 04/14/2017 12.00 PM |1 |0
Membership API | Fail | 04/14/2017 12.00 PM |1| 0
Plan sponsor API | Pass| 04/14/2017 12.00 PM |0| 1
Assest API | Pass| 04/14/2017 12.30 PM |0|1
Membership API | Fail | 04/14/2017 12.30 PM| 1 |0
Plan sponsor API Fail 04/14/2017 12.30 PM 1 0

And also suggest which chart will be best to view this result in splunk dashboard

ErikaE · ‎04-21-2017

There's probably a more elegant way, but in the past I've appended data summarized the way I want:, e.g.

| your search here 
| append [ search your search again
| stats sum(Fail) as Fail sum(Pass) as Pass by API_Name]

The addtotals command will give you overall totals, you could do it as part of the base search or the append.

Hope that helps!

Need to create dynamic dashboard with three parameters

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Join the Conversation

Need to create dynamic dashboard with three parameters

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...