Dashboards & Visualizations
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

html module with rich text from token

mschellhouse
Path Finder
‎11-02-2017 09:10 AM

I have a dashboard with multiple panels. It is sort of a Summary / Detail show on click setup. One of the values that I am trying to pass from Summary(table) to a Detail (html) panel is a token that contains rich text html tags. I am getting the token to pass correctly but it just prints the html tags as plain text. If I paste the same information in the Detail panel via the Source view, it recognizes the tags and formats the text accordingly. How do I get the html panel to recognize the token value as the rich html tag based text?

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

niketn
Legend
‎11-14-2017 10:12 AM

@mschellhouse, if Splunk allows us to pass rich text with HTML tags instead of plain string, it will open up the dashboard for Cross Site Scripting attacks and even SQL Injection. Refer to one of my answers on similar lines: https://answers.splunk.com/answers/568209/how-to-prevent-injection-from-field-in-a-dashboard.html

So, when Splunk treats the Rich Text as plain text it is the intended behavior which is safe for your dashboards as well.

If you want to perform Rich text formatting, based on your use case you would need to try either one of the following two approach:
1) Simple XML CSS Extesion to apply styles for various dashboard elements (and JS Extension if you to dynamically change CSS class based on DOM element selector).
2) Use Simple XML JS Extension (with CSS Style for beautification) for using jQuery Selector to add HTML tags using underscore.js template.

Get the Splunk Dashboard Examples App from Splunkbase: https://splunkbase.splunk.com/app/1603/ and refer to
1) Table Cell Highlighting example which showcases Simple XML CSS Extension (using jQuery selector to apply required class for CSS) and
2) Table Icon(Rangemap) Example which showcases Simple XML JS Extension to use underscore.js to apply HTML template.

If you can add more details on what you are trying to achieve community will be able to assist you further.

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"

View solution in original post

Reply
Solved! Jump to solution
Solution

niketn
Legend
‎11-14-2017 10:12 AM

@mschellhouse, if Splunk allows us to pass rich text with HTML tags instead of plain string, it will open up the dashboard for Cross Site Scripting attacks and even SQL Injection. Refer to one of my answers on similar lines: https://answers.splunk.com/answers/568209/how-to-prevent-injection-from-field-in-a-dashboard.html

So, when Splunk treats the Rich Text as plain text it is the intended behavior which is safe for your dashboards as well.

If you want to perform Rich text formatting, based on your use case you would need to try either one of the following two approach:
1) Simple XML CSS Extesion to apply styles for various dashboard elements (and JS Extension if you to dynamically change CSS class based on DOM element selector).
2) Use Simple XML JS Extension (with CSS Style for beautification) for using jQuery Selector to add HTML tags using underscore.js template.

Get the Splunk Dashboard Examples App from Splunkbase: https://splunkbase.splunk.com/app/1603/ and refer to
1) Table Cell Highlighting example which showcases Simple XML CSS Extension (using jQuery selector to apply required class for CSS) and
2) Table Icon(Rangemap) Example which showcases Simple XML JS Extension to use underscore.js to apply HTML template.

If you can add more details on what you are trying to achieve community will be able to assist you further.

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
Reply
Solved! Jump to solution

mschellhouse
Path Finder
‎11-14-2017 10:24 AM

Thanks for taking the time to write the detailed response.

0 Karma
Reply
Solved! Jump to solution

niketn
Legend
‎11-14-2017 11:53 AM

@mschellhouse, do check out the two examples from Splunk Dashboard Examples app. Hopefully your issue will be resolved. If it does dont forget the Accept this Answer to mark your question as answered.

If not let us know the details of what you are trying and where you get stuck so that community members may be able to assist you with the same 🙂

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma
Reply
Solved! Jump to solution

mschellhouse
Path Finder
‎11-02-2017 09:20 AM

Inspecting the page, it looks like it is putting double quotes around my token value. It is likely saved that way in the lookup file that I am referencing. Is there a way to strip this out at display time within the HTML panel?

0 Karma
Reply
Get Updates on the Splunk Community!

Unleash Unified Security and Observability with Splunk Cloud Platform

     Now Available on Microsoft AzureThursday, March 27, 2025  |  11AM PST / 2PM EST | Register NowStep boldly ...

Splunk AppDynamics with Cisco Secure Application

Web applications unfortunately present a target rich environment for security vulnerabilities and attacks. ...

New Splunk Innovations Enhance Performance and Accelerate Troubleshooting

Splunk is excited to announce new releases that empower ITOps and engineering teams to stay ahead in ever ...
Top