Dashboards & Visualizations
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

dashboard

Siddharthnegi
Contributor
‎10-06-2024 11:45 PM

Hi I have a Dashboard and i want to add a button , so when somebody solves that particular issue he/she can click on that button and it will change status to solved and it will be removed from dashboard.

for eg: I have a issue on a device and i solved that issue so then i can click on that button and it will make that issue status solved or will be removed from the dashboard.

Labels (1)
Labels
0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎10-07-2024 12:19 AM

Hi @Siddharthnegi ,

you can do this only displaying in your dashboard the records from a KV-Store lookup because Splunk isn't a database where you can delete records.

But a kv-store lookup is a database table in which you can store e.g. your open cases.

Then you have add an html button in your dashboard (Classic dashboard) and you have to create a java script that executes a search that deletes a record from the lookup and then displays again the updated lookup.

In other words, in the dashboard you ha to add:

<row>
    <panel>
      <html>
        <button class="btn btn-primary button1">Save</button>
        <a class="btn btn-primary" href="all_cases">Cancel</a>
      </html>
    </panel>
  </row>
  <row>

then you have to create a js like the following (obviously must to be adapted to your lookup to be inserted in $SPLUNK_HOME/etc/apps/<my_app>/appserver/static

require([
	"splunkjs/mvc",
	"splunkjs/mvc/searchmanager",
	"splunkjs/mvc/savedsearchmanager",
	"splunkjs/mvc/utils",
    "splunkjs/mvc/simplexml/ready!"
	], function(
		mvc,
		SearchManager,
        SavedSearchManager,
	) {
		var query;
		var tokens = mvc.Components.get("default");
		tokens.unset("status_to_update", null);
		tokens.unset("notes_to_update", null);
		tokens.unset("username_to_update", null);
	$(".button1").on("click", function (){
		//var tokens = mvc.Components.get("default");
		var username=Splunk.util.getConfigValue("USERNAME");      
		var mod_status = tokens.get("status_to_update");
		var mod_notes = tokens.get("notes_to_update");
		var mod_username = tokens.get("username_to_update");
		var username_updated = tokens.get("username_updated");
		var key = tokens.get("key");
		//alert(username_updated);
		//tokens.unset("status_to_update");		
		//tokens.unset("notes_to_update");
		//tokens.unset("username_to_update");
		if(mod_username==null) { } else { username=mod_username;}
		if (mod_status==null) {
			query = "| inputlookup open_cases | eval Notes=if(_key=\"" + key + "\",\"" + mod_notes + "\",Notes), Status=\"Work-in-progress\", User_Name=if(_key=\"" + key + "\",\"" + username + "\",User_Name) | search _key=\"" + key + "\" | outputlookup open_cases append=true | eval key=_key | collect addtime=true index=summary_alerts | eval Time=strftime(TimeStamp,\"%d/%m/%Y %H:%M:%S\"), key=_key | table key Time TimeStamp Alert_Name Description Status Notes User_Name";
			//alert (query);
		} else {
			query = "| inputlookup open_cases | eval Status=if(_key=\"" + key + "\",\"" + mod_status + "\",Status), Notes=if(_key=\"" + key + "\",\"" + mod_notes + "\",Notes), User_Name=if(_key=\"" + key + "\",\"" + username + "\",User_Name) | search _key=\"" + key + "\" | outputlookup open_cases append=true | eval key=_key | collect addtime=true index=summary_alerts | eval Time=strftime(TimeStamp,\"%d/%m/%Y %H:%M:%S\"), key=_key | table key Time TimeStamp Alert_Name Description Status Notes User_Name";
			//alert (query);
		}
		var ok = confirm("Are you sure?");
		if (ok){
			launchquery(query);
        } //else {
        //    alert('user did not click ok!');
        //}
    });
	function launchquery(query) {
		var mysearch = new SearchManager({
			id: "mysearch",
            autostart: "false",
            //search: "| inputlookup open_cases | eval Status=if(_key=\"$key$\",\"$status_updated$\",Status), Notes=if(_key=\"$key$\",\"$notes_updated$\",Notes), User_Name=if(_key=\"$key$\",\"$username_updated$\",User_Name) | search _key=\"$key$\" | outputlookup open_cases append=true | eval key=_key | collect addtime=true index=summary_alerts | eval Time=strftime(TimeStamp,\"%d/%m/%Y %H:%M:%S\"), key=_key | table key Time TimeStamp Alert_Name Description Status Notes User_Name"
			search: query
        });  
		mysearch.on('search:failed', function(properties) {
            // Print the entire properties object
            console.log("FAILED:", properties);
        });
        mysearch.on('search:progress', function(properties) {
            // Print just the event count from the search job
            console.log("IN PROGRESS.\nEvents so far:", properties.content.eventCount);
        });
        mysearch.on('search:done', function(properties) {
            // Print the search job properties
            console.log("DONE!\nSearch job properties:", properties.content);
        });
		window.location.reload();
	}
});

I cannot help you more because I'm not an expert in JS developing.

Ciao.

Giuseppe

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Unlocking Unified Insights: New Gigamon Federated Search App for Splunk

In today’s data-heavy environment, organizations are caught in a data distribution dilemma. As data volumes ...

GA: New Data Management App in Splunk Platform

Streamlining Data Management: Introducing a unified experience in Splunk Managing data at scale shouldn’t feel ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...