Dashboards & Visualizations

Realtime dashboard

Nith1
Path Finder

Hi Team,

 

I have my logs for jira,bamboo and ucd in splunk with indexes like index=jira,index=bamboo and index=ucd for all these tools need to build a realtime dashboard .Can someone guide me how to show as a realtime dashboard

 

Thanks

 

Labels (1)
Tags (1)
0 Karma
1 Solution

gcusello
SplunkTrust
SplunkTrust

Hi @Nith1,

you have to run one by one the searches in your indexes (e.g. index=jira), applying  each time the aggregations you like (stats, timechart, table, etc...), then you have to save each search in a different panel of a dashboard.

Then you have to add a Time Picker and correlate each panel to the Time Picker.

You could find and see in YouTube some videos that teach how to do this.

Ciao.

Giuseppe

View solution in original post

gcusello
SplunkTrust
SplunkTrust

Hi @Nith1,

you have to run one by one the searches in your indexes (e.g. index=jira), applying  each time the aggregations you like (stats, timechart, table, etc...), then you have to save each search in a different panel of a dashboard.

Then you have to add a Time Picker and correlate each panel to the Time Picker.

You could find and see in YouTube some videos that teach how to do this.

Ciao.

Giuseppe

Nith1
Path Finder

Hi @gcusello 

One more doubt please, whenever i do some modification in jira (eg:, i create an issue ) can i view the same in splunk dashboard at the sametime. I mean can i get a Realtime view for the same

 

Thanks

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @Nith1,

if your Jira logs all the steps you do in it, the log is passed to Splunk.

If it's really in Real Time depends on the time to pass data from Jira to Splunk.

I don't know your need, but remember that a Real Time search like the one you described is very expensive in terms of resources, because each search in Splunk takes a CPU, so if you have a dashboard with three Real Time Searches, each dashboard continously uses three CPUs, so you have to correctly make a Capacity Plan for you infrastructure.

Otherwise you should analyze if you really need Real Time Searches or if you can run a search that updates results e.g. every five minutes.

Ciao.

Giuseppe

Get Updates on the Splunk Community!

New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...

The latest enhancements to the Splunk observability portfolio deliver improved SLO management accuracy, better ...

Improve Data Pipelines Using Splunk Data Management

  Register Now   This Tech Talk will explore the pipeline management offerings Edge Processor and Ingest ...

3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?

Register Join this Tech Talk to learn how unique features like Service Centric Views, Tag Spotlight, and ...