Dashboards & Visualizations
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Realtime dashboard

Nith1
Path Finder
‎07-18-2021 11:13 PM

Hi Team,

 

I have my logs for jira,bamboo and ucd in splunk with indexes like index=jira,index=bamboo and index=ucd for all these tools need to build a realtime dashboard .Can someone guide me how to show as a realtime dashboard

 

Thanks

 

Labels (1)
Labels
Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

gcusello
SplunkTrust
SplunkTrust
‎07-19-2021 12:04 AM

Hi @Nith1,

you have to run one by one the searches in your indexes (e.g. index=jira), applying  each time the aggregations you like (stats, timechart, table, etc...), then you have to save each search in a different panel of a dashboard.

Then you have to add a Time Picker and correlate each panel to the Time Picker.

You could find and see in YouTube some videos that teach how to do this.

Ciao.

Giuseppe

View solution in original post

Reply
Solved! Jump to solution
Solution

gcusello
SplunkTrust
SplunkTrust
‎07-19-2021 12:04 AM

Hi @Nith1,

you have to run one by one the searches in your indexes (e.g. index=jira), applying  each time the aggregations you like (stats, timechart, table, etc...), then you have to save each search in a different panel of a dashboard.

Then you have to add a Time Picker and correlate each panel to the Time Picker.

You could find and see in YouTube some videos that teach how to do this.

Ciao.

Giuseppe

Reply
Solved! Jump to solution

Nith1
Path Finder
‎07-19-2021 12:13 AM

Hi @gcusello 

One more doubt please, whenever i do some modification in jira (eg:, i create an issue ) can i view the same in splunk dashboard at the sametime. I mean can i get a Realtime view for the same

 

Thanks

0 Karma
Reply
Solved! Jump to solution

gcusello
SplunkTrust
SplunkTrust
‎07-19-2021 12:20 AM

Hi @Nith1,

if your Jira logs all the steps you do in it, the log is passed to Splunk.

If it's really in Real Time depends on the time to pass data from Jira to Splunk.

I don't know your need, but remember that a Real Time search like the one you described is very expensive in terms of resources, because each search in Splunk takes a CPU, so if you have a dashboard with three Real Time Searches, each dashboard continously uses three CPUs, so you have to correctly make a Capacity Plan for you infrastructure.

Otherwise you should analyze if you really need Real Time Searches or if you can run a search that updates results e.g. every five minutes.

Ciao.

Giuseppe

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

Hello Splunkers,  We’re excited to kick off a Splunk Dashboard contest! We know that dashboards are a primary ...

May 2026 Splunk Expert Sessions: Security & Observability

Level Up Your Operations: May 2026 Splunk Expert Sessions Whether you are refining your security posture or ...