Dashboards & Visualizations
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

dashboard

Siddharthnegi
Contributor
‎10-06-2024 11:45 PM

Hi I have a Dashboard and i want to add a button , so when somebody solves that particular issue he/she can click on that button and it will change status to solved and it will be removed from dashboard.

for eg: I have a issue on a device and i solved that issue so then i can click on that button and it will make that issue status solved or will be removed from the dashboard.

Labels (1)
Labels
0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎10-07-2024 12:19 AM

Hi @Siddharthnegi ,

you can do this only displaying in your dashboard the records from a KV-Store lookup because Splunk isn't a database where you can delete records.

But a kv-store lookup is a database table in which you can store e.g. your open cases.

Then you have add an html button in your dashboard (Classic dashboard) and you have to create a java script that executes a search that deletes a record from the lookup and then displays again the updated lookup.

In other words, in the dashboard you ha to add:

<row>
    <panel>
      <html>
        <button class="btn btn-primary button1">Save</button>
        <a class="btn btn-primary" href="all_cases">Cancel</a>
      </html>
    </panel>
  </row>
  <row>

then you have to create a js like the following (obviously must to be adapted to your lookup to be inserted in $SPLUNK_HOME/etc/apps/<my_app>/appserver/static

require([
	"splunkjs/mvc",
	"splunkjs/mvc/searchmanager",
	"splunkjs/mvc/savedsearchmanager",
	"splunkjs/mvc/utils",
    "splunkjs/mvc/simplexml/ready!"
	], function(
		mvc,
		SearchManager,
        SavedSearchManager,
	) {
		var query;
		var tokens = mvc.Components.get("default");
		tokens.unset("status_to_update", null);
		tokens.unset("notes_to_update", null);
		tokens.unset("username_to_update", null);
	$(".button1").on("click", function (){
		//var tokens = mvc.Components.get("default");
		var username=Splunk.util.getConfigValue("USERNAME");      
		var mod_status = tokens.get("status_to_update");
		var mod_notes = tokens.get("notes_to_update");
		var mod_username = tokens.get("username_to_update");
		var username_updated = tokens.get("username_updated");
		var key = tokens.get("key");
		//alert(username_updated);
		//tokens.unset("status_to_update");		
		//tokens.unset("notes_to_update");
		//tokens.unset("username_to_update");
		if(mod_username==null) { } else { username=mod_username;}
		if (mod_status==null) {
			query = "| inputlookup open_cases | eval Notes=if(_key=\"" + key + "\",\"" + mod_notes + "\",Notes), Status=\"Work-in-progress\", User_Name=if(_key=\"" + key + "\",\"" + username + "\",User_Name) | search _key=\"" + key + "\" | outputlookup open_cases append=true | eval key=_key | collect addtime=true index=summary_alerts | eval Time=strftime(TimeStamp,\"%d/%m/%Y %H:%M:%S\"), key=_key | table key Time TimeStamp Alert_Name Description Status Notes User_Name";
			//alert (query);
		} else {
			query = "| inputlookup open_cases | eval Status=if(_key=\"" + key + "\",\"" + mod_status + "\",Status), Notes=if(_key=\"" + key + "\",\"" + mod_notes + "\",Notes), User_Name=if(_key=\"" + key + "\",\"" + username + "\",User_Name) | search _key=\"" + key + "\" | outputlookup open_cases append=true | eval key=_key | collect addtime=true index=summary_alerts | eval Time=strftime(TimeStamp,\"%d/%m/%Y %H:%M:%S\"), key=_key | table key Time TimeStamp Alert_Name Description Status Notes User_Name";
			//alert (query);
		}
		var ok = confirm("Are you sure?");
		if (ok){
			launchquery(query);
        } //else {
        //    alert('user did not click ok!');
        //}
    });
	function launchquery(query) {
		var mysearch = new SearchManager({
			id: "mysearch",
            autostart: "false",
            //search: "| inputlookup open_cases | eval Status=if(_key=\"$key$\",\"$status_updated$\",Status), Notes=if(_key=\"$key$\",\"$notes_updated$\",Notes), User_Name=if(_key=\"$key$\",\"$username_updated$\",User_Name) | search _key=\"$key$\" | outputlookup open_cases append=true | eval key=_key | collect addtime=true index=summary_alerts | eval Time=strftime(TimeStamp,\"%d/%m/%Y %H:%M:%S\"), key=_key | table key Time TimeStamp Alert_Name Description Status Notes User_Name"
			search: query
        });  
		mysearch.on('search:failed', function(properties) {
            // Print the entire properties object
            console.log("FAILED:", properties);
        });
        mysearch.on('search:progress', function(properties) {
            // Print just the event count from the search job
            console.log("IN PROGRESS.\nEvents so far:", properties.content.eventCount);
        });
        mysearch.on('search:done', function(properties) {
            // Print the search job properties
            console.log("DONE!\nSearch job properties:", properties.content);
        });
		window.location.reload();
	}
});

I cannot help you more because I'm not an expert in JS developing.

Ciao.

Giuseppe

0 Karma
Reply
Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

This challenge was first posted on Slack #puzzles channelFor a previous puzzle, I needed a set of fixed-length ...

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

  &#x1f680; Your data just got a serious AI upgrade — are you ready? Say hello to the Agentic Era with the ...

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...