Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Highlighted

How do I create visualizations using JSON data?

angshul
Path Finder
‎07-09-2019 01:14 PM

I have some log files which I'm serializing into a JSON object and sending it to a Splunk App dashboard (through HTTP Event Collector).
The data is displayed on the dashboard as shown below:
data: { [-]
b1: FDh

b2345: 00 00 00 00
eid: 31h

msg: 00h

serialNo: 1
sev: 00h

sid: 03h

sta: FEh

timeStamp: 2019-04-29T12:55:46
}
(I don't have any files that I can upload and perform searching. I'm using code to read some text files and converting them to JSON which is directly sent to the Splunk server)
Is there a way to create graphs/charts using this data on the dashboard?

0 Karma
Reply
Highlighted

Re: How do I create visualizations using JSON data?

woodcock
Esteemed Legend
‎07-09-2019 03:37 PM

If you set KV_MODE = json in props.conf for your sourcetype, all the fields should be available for you to use and dashboard upon.

0 Karma
Reply