Dashboards & Visualizations

html module with rich text from token

mschellhouse
Path Finder

I have a dashboard with multiple panels. It is sort of a Summary / Detail show on click setup. One of the values that I am trying to pass from Summary(table) to a Detail (html) panel is a token that contains rich text html tags. I am getting the token to pass correctly but it just prints the html tags as plain text. If I paste the same information in the Detail panel via the Source view, it recognizes the tags and formats the text accordingly. How do I get the html panel to recognize the token value as the rich html tag based text?

0 Karma
1 Solution

niketn
Legend

@mschellhouse, if Splunk allows us to pass rich text with HTML tags instead of plain string, it will open up the dashboard for Cross Site Scripting attacks and even SQL Injection. Refer to one of my answers on similar lines: https://answers.splunk.com/answers/568209/how-to-prevent-injection-from-field-in-a-dashboard.html

So, when Splunk treats the Rich Text as plain text it is the intended behavior which is safe for your dashboards as well.

If you want to perform Rich text formatting, based on your use case you would need to try either one of the following two approach:
1) Simple XML CSS Extesion to apply styles for various dashboard elements (and JS Extension if you to dynamically change CSS class based on DOM element selector).
2) Use Simple XML JS Extension (with CSS Style for beautification) for using jQuery Selector to add HTML tags using underscore.js template.

Get the Splunk Dashboard Examples App from Splunkbase: https://splunkbase.splunk.com/app/1603/ and refer to
1) Table Cell Highlighting example which showcases Simple XML CSS Extension (using jQuery selector to apply required class for CSS) and
2) Table Icon(Rangemap) Example which showcases Simple XML JS Extension to use underscore.js to apply HTML template.

If you can add more details on what you are trying to achieve community will be able to assist you further.

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"

View solution in original post

niketn
Legend

@mschellhouse, if Splunk allows us to pass rich text with HTML tags instead of plain string, it will open up the dashboard for Cross Site Scripting attacks and even SQL Injection. Refer to one of my answers on similar lines: https://answers.splunk.com/answers/568209/how-to-prevent-injection-from-field-in-a-dashboard.html

So, when Splunk treats the Rich Text as plain text it is the intended behavior which is safe for your dashboards as well.

If you want to perform Rich text formatting, based on your use case you would need to try either one of the following two approach:
1) Simple XML CSS Extesion to apply styles for various dashboard elements (and JS Extension if you to dynamically change CSS class based on DOM element selector).
2) Use Simple XML JS Extension (with CSS Style for beautification) for using jQuery Selector to add HTML tags using underscore.js template.

Get the Splunk Dashboard Examples App from Splunkbase: https://splunkbase.splunk.com/app/1603/ and refer to
1) Table Cell Highlighting example which showcases Simple XML CSS Extension (using jQuery selector to apply required class for CSS) and
2) Table Icon(Rangemap) Example which showcases Simple XML JS Extension to use underscore.js to apply HTML template.

If you can add more details on what you are trying to achieve community will be able to assist you further.

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"

mschellhouse
Path Finder

Thanks for taking the time to write the detailed response.

0 Karma

niketn
Legend

@mschellhouse, do check out the two examples from Splunk Dashboard Examples app. Hopefully your issue will be resolved. If it does dont forget the Accept this Answer to mark your question as answered.

If not let us know the details of what you are trying and where you get stuck so that community members may be able to assist you with the same 🙂

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma

mschellhouse
Path Finder

Inspecting the page, it looks like it is putting double quotes around my token value. It is likely saved that way in the lookup file that I am referencing. Is there a way to strip this out at display time within the HTML panel?

0 Karma
Get Updates on the Splunk Community!

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...