Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk dashboard table - how to add colors based on Threshold values for Dynamic column names?

shashankk
Path Finder
‎06-27-2023 06:14 AM

Hello Team

I am having a Dashboard created with below Table output. The table is having a dynamic column names (in Date format)

Output as below:

TestMQ2023-06-232023-06-222023-06-212023-06-202023-06-192023-06-182023-06-172023-06-16And so on - till 30 days
MQ.NAME5.0317.0425.7519.8232.1456.8110.9185.14....


My requirement is to color code these values based on the threshold condition as "[<60 = Green] | [>85 = Red] | [>60 AND <85 = Amber]"

I am new to Splunk and still learning. Kindly suggest how this can be achieved i.e. to modify the dynamic Column values based on the Threshold conditions.

@ITWhisperer

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

ITWhisperer
SplunkTrust
SplunkTrust
‎06-27-2023 08:38 AM

Try removing field so that it applies to all fields.

View solution in original post

Reply
Solved! Jump to solution

shashankk
Path Finder
‎06-27-2023 08:31 AM

@ITWhisperer - Do you have any suggestions on this please? 

  • Are we suppose to Hard code all possible values and specify the Threshold condition? 
  • How do we use wildcard search here which will apply to all possible Date format values ?

    Example below:

    Date Format: 2023-06-27

    <format type="color" field="202*-*-*">
    <colorPalette type="list">[#53A051,#F1813F,#DC4E41]</colorPalette>
    <scale type="threshold">60,85</scale>
    </format>
0 Karma
Reply
Solved! Jump to solution
Solution

ITWhisperer
SplunkTrust
SplunkTrust
‎06-27-2023 08:38 AM

Try removing field so that it applies to all fields.

Reply
Solved! Jump to solution

shashankk
Path Finder
‎06-28-2023 04:17 AM

@ITWhisperer - Thank you - this works fine! 🙂

0 Karma
Reply
Solved! Jump to solution

dural_yyz
Communicator
‎06-27-2023 07:18 AM

Formatting columns with color is answered here:

https://community.splunk.com/t5/Dashboards-Visualizations/How-to-color-table-cell-on-dashboard-based...

They referenced the document link here:

http://docs.splunk.com/Documentation/Splunk/latest/Viz/TableFormatsXML

 

You want to do column color formats for dynamically named columns which does not appear possible based upon current documentation for xml dashboards.  In the table settings the color tablet is applied at the field name level.  A dynamically named field can not be accounted for unless you were to hard code all possible options.

0 Karma
Reply
Get Updates on the Splunk Community!

Infographic provides the TL;DR for the 2023 Splunk Career Impact Report

We’ve been shouting it from the rooftops! The findings from the 2023 Splunk Career Impact Report showing that ...

Splunk Lantern | Getting Started with Edge Processor, Machine Learning Toolkit ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...

Enterprise Security Content Update (ESCU) | New Releases

In the last month, the Splunk Threat Research Team (STRT) has had 2 releases of new security content via the ...