Splunk Customized dashboard creation

sankardevarajan · ‎05-14-2024

Need a report based on previous day
I have source ip segment xx.xx.xx.xx/28, & destination ip segment xx.xx.xx/24

outcome of query should provide below

Date and start + end time of the connection
USERNAME
APPLICATION:PORT & PROTOCOL
APPLICATION SEGMENTS
ACCESS POLICY NAME
ACTION
how can i create customized dashboard, please suggest.

ITWhisperer · ‎05-14-2024

Start with a search that returns the data you are interested in visualising. Do you have this already?

sankardevarajan · ‎05-14-2024

No. i dont have customized dasboard, can you please share some reference query?

ITWhisperer · ‎05-14-2024

You don't need a dashboard to create a search - just use the search and reporting interface to find the events you are interested in. Do you know what these events are?

Splunk Customized dashboard creation

workflow action

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Painting a Clearer Picture: Creating Cross-Domain Visibility with AI Canvas

Analytics Workspace deprecation

Splunk Developer Day Recap: Building, Publishing, and Growing on the Splunk Platform

Join the Conversation

Splunk Customized dashboard creation

workflow action

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Painting a Clearer Picture: Creating Cross-Domain Visibility with AI Canvas

Analytics Workspace deprecation

Splunk Developer Day Recap: Building, Publishing, and Growing on the Splunk Platform