Dashboards & Visualizations

html module with rich text from token

mschellhouse
Path Finder

I have a dashboard with multiple panels. It is sort of a Summary / Detail show on click setup. One of the values that I am trying to pass from Summary(table) to a Detail (html) panel is a token that contains rich text html tags. I am getting the token to pass correctly but it just prints the html tags as plain text. If I paste the same information in the Detail panel via the Source view, it recognizes the tags and formats the text accordingly. How do I get the html panel to recognize the token value as the rich html tag based text?

0 Karma
1 Solution

niketn
Legend

@mschellhouse, if Splunk allows us to pass rich text with HTML tags instead of plain string, it will open up the dashboard for Cross Site Scripting attacks and even SQL Injection. Refer to one of my answers on similar lines: https://answers.splunk.com/answers/568209/how-to-prevent-injection-from-field-in-a-dashboard.html

So, when Splunk treats the Rich Text as plain text it is the intended behavior which is safe for your dashboards as well.

If you want to perform Rich text formatting, based on your use case you would need to try either one of the following two approach:
1) Simple XML CSS Extesion to apply styles for various dashboard elements (and JS Extension if you to dynamically change CSS class based on DOM element selector).
2) Use Simple XML JS Extension (with CSS Style for beautification) for using jQuery Selector to add HTML tags using underscore.js template.

Get the Splunk Dashboard Examples App from Splunkbase: https://splunkbase.splunk.com/app/1603/ and refer to
1) Table Cell Highlighting example which showcases Simple XML CSS Extension (using jQuery selector to apply required class for CSS) and
2) Table Icon(Rangemap) Example which showcases Simple XML JS Extension to use underscore.js to apply HTML template.

If you can add more details on what you are trying to achieve community will be able to assist you further.

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"

View solution in original post

niketn
Legend

@mschellhouse, if Splunk allows us to pass rich text with HTML tags instead of plain string, it will open up the dashboard for Cross Site Scripting attacks and even SQL Injection. Refer to one of my answers on similar lines: https://answers.splunk.com/answers/568209/how-to-prevent-injection-from-field-in-a-dashboard.html

So, when Splunk treats the Rich Text as plain text it is the intended behavior which is safe for your dashboards as well.

If you want to perform Rich text formatting, based on your use case you would need to try either one of the following two approach:
1) Simple XML CSS Extesion to apply styles for various dashboard elements (and JS Extension if you to dynamically change CSS class based on DOM element selector).
2) Use Simple XML JS Extension (with CSS Style for beautification) for using jQuery Selector to add HTML tags using underscore.js template.

Get the Splunk Dashboard Examples App from Splunkbase: https://splunkbase.splunk.com/app/1603/ and refer to
1) Table Cell Highlighting example which showcases Simple XML CSS Extension (using jQuery selector to apply required class for CSS) and
2) Table Icon(Rangemap) Example which showcases Simple XML JS Extension to use underscore.js to apply HTML template.

If you can add more details on what you are trying to achieve community will be able to assist you further.

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"

mschellhouse
Path Finder

Thanks for taking the time to write the detailed response.

0 Karma

niketn
Legend

@mschellhouse, do check out the two examples from Splunk Dashboard Examples app. Hopefully your issue will be resolved. If it does dont forget the Accept this Answer to mark your question as answered.

If not let us know the details of what you are trying and where you get stuck so that community members may be able to assist you with the same 🙂

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma

mschellhouse
Path Finder

Inspecting the page, it looks like it is putting double quotes around my token value. It is likely saved that way in the lookup file that I am referencing. Is there a way to strip this out at display time within the HTML panel?

0 Karma
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

Splunk is officially part of Cisco

Revolutionizing how our customers build resilience across their entire digital footprint.   Splunk ...

Splunk APM & RUM | Planned Maintenance March 26 - March 28, 2024

There will be planned maintenance for Splunk APM and RUM between March 26, 2024 and March 28, 2024 as ...