Dashboards & Visualizations
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Validate Splunk Form Input

sscandoit
Explorer
‎08-05-2011 08:12 AM

Hi All,

I am new to Splunk. I have a form with 2 input boxes which I would like to validate before performing the search. I want to make sure that the user provides correct input for performing the search. I tried searching the forum and documentation but I couldn't find any info.

Is there a way to do it?

Thanks in advance,
Suvelee

Tags (1)
Reply

rahul_jasrotia
Path Finder
‎01-12-2017 10:01 PM

Is this possible to do ? I'm also trying to achieve something like this?

0 Karma
Reply

dineshraj9
Builder
‎01-13-2017 12:54 AM

You can try something like this within the search query -

 | gentimes start=-1 | eval IP_ADDRESS="10.10.10.10" | eval SEARCH=if(match(IP_ADDRESS,"^\d+\.\d+\.\d+\.\d+$"),[search index=<your_index> earliest=-1m | stats count as count1 by index| return $count1 ] ,"invalid input") | table SEARCH

Here if value of user entered IP_ADDRESS doesn't match the pattern, it will show "invalid input" in the results, else it shows the count from the subsearch.

0 Karma
Reply

yoho
Contributor
‎11-05-2013 01:15 AM

I wish I could also perform input validation in forms. For instance, I would like users to be able to type in an IP address in a text field but would like to make sure it's a valid IP address and is not a splunk search, for instance.

0 Karma
Reply
Get Updates on the Splunk Community!

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Accelerating Observability as Code with the Splunk AI Assistant

We’ve seen in previous posts what Observability as Code (OaC) is and how it’s now essential for managing ...

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...

 Splunk is More Than Just the Web Console For Digital Forensics and Incident Response (DFIR) practitioners, ...