- Splunk Answers
- :
- Using Splunk
- :
- Dashboards & Visualizations
- :
- Re: html module with rich text from token
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have a dashboard with multiple panels. It is sort of a Summary / Detail show on click setup. One of the values that I am trying to pass from Summary(table) to a Detail (html) panel is a token that contains rich text html tags. I am getting the token to pass correctly but it just prints the html tags as plain text. If I paste the same information in the Detail panel via the Source view, it recognizes the tags and formats the text accordingly. How do I get the html panel to recognize the token value as the rich html tag based text?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@mschellhouse, if Splunk allows us to pass rich text with HTML tags instead of plain string, it will open up the dashboard for Cross Site Scripting attacks and even SQL Injection. Refer to one of my answers on similar lines: https://answers.splunk.com/answers/568209/how-to-prevent-injection-from-field-in-a-dashboard.html
So, when Splunk treats the Rich Text as plain text it is the intended behavior which is safe for your dashboards as well.
If you want to perform Rich text formatting, based on your use case you would need to try either one of the following two approach:
1) Simple XML CSS Extesion to apply styles for various dashboard elements (and JS Extension if you to dynamically change CSS class based on DOM element selector).
2) Use Simple XML JS Extension (with CSS Style for beautification) for using jQuery Selector to add HTML tags using underscore.js template.
Get the Splunk Dashboard Examples App from Splunkbase: https://splunkbase.splunk.com/app/1603/ and refer to
1) Table Cell Highlighting example which showcases Simple XML CSS Extension (using jQuery selector to apply required class for CSS) and
2) Table Icon(Rangemap) Example which showcases Simple XML JS Extension to use underscore.js to apply HTML template.
If you can add more details on what you are trying to achieve community will be able to assist you further.
| makeresults | eval message= "Happy Splunking!!!"
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@mschellhouse, if Splunk allows us to pass rich text with HTML tags instead of plain string, it will open up the dashboard for Cross Site Scripting attacks and even SQL Injection. Refer to one of my answers on similar lines: https://answers.splunk.com/answers/568209/how-to-prevent-injection-from-field-in-a-dashboard.html
So, when Splunk treats the Rich Text as plain text it is the intended behavior which is safe for your dashboards as well.
If you want to perform Rich text formatting, based on your use case you would need to try either one of the following two approach:
1) Simple XML CSS Extesion to apply styles for various dashboard elements (and JS Extension if you to dynamically change CSS class based on DOM element selector).
2) Use Simple XML JS Extension (with CSS Style for beautification) for using jQuery Selector to add HTML tags using underscore.js template.
Get the Splunk Dashboard Examples App from Splunkbase: https://splunkbase.splunk.com/app/1603/ and refer to
1) Table Cell Highlighting example which showcases Simple XML CSS Extension (using jQuery selector to apply required class for CSS) and
2) Table Icon(Rangemap) Example which showcases Simple XML JS Extension to use underscore.js to apply HTML template.
If you can add more details on what you are trying to achieve community will be able to assist you further.
| makeresults | eval message= "Happy Splunking!!!"
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for taking the time to write the detailed response.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@mschellhouse, do check out the two examples from Splunk Dashboard Examples app. Hopefully your issue will be resolved. If it does dont forget the Accept this Answer to mark your question as answered.
If not let us know the details of what you are trying and where you get stuck so that community members may be able to assist you with the same 🙂
| makeresults | eval message= "Happy Splunking!!!"
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Inspecting the page, it looks like it is putting double quotes around my token value. It is likely saved that way in the lookup file that I am referencing. Is there a way to strip this out at display time within the HTML panel?
.conf24 | Registration Open!
ICYMI - Check out the latest releases of Splunk Edge Processor
Introducing the 2024 SplunkTrust!
