- Splunk Answers
- :
- Using Splunk
- :
- Reporting
- :
- Creating Data How Please Help!!
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Creating Data How Please Help!!
Hello can you help I am not the most technical and I have signed up to the UAT of Splunk.
Logged on as a Administrator and built a dashboard simply form a CSV file use in the Add Data Functionality path of creating a dashboard.
So I have a LIVE environment and when I go to add data this is not available, I see I have to add data using a Lookup functionality? I only want to create a dashboard based on a CSV that is it.
I am little confused training one way and not having this functionality available to me in Live?
I might be confused myself can you help. Do I need a lookup ? Plus when I uploaded file I get this error via the Lookup method of the flat CSV file I want to use. The File does not contain any invalid characters.
I am little bit nervous about what I have to do and I am confused on how this system
Please Please can you help...
Encountered the following error while trying to save: Invalid name: only alphanumeric characters, '-', '_', and '.' are allowed.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @simonafcbrown,
(relatively new member here as well so I might be wrong about some stuff and PLEASE anybody correct me if I write something wrong 🙂)
From what I understand from your post you have already indexed your csv file through the "add Data" function of Splunk. If not you have 2 options:
1.
Click the splunk logo(top left), click add Data and upload your csv as an input file.
During this process you can set an Index your Data will get sent into. (Default or custom Index)
To access this data in a search for your dashboard simply start your search with:
index=yourIndexName
searching with just this string will give you any indexed events in the selected time range!
Then you can follow up with your desired search.
2.
You can also create a Lookup from your csv Data.
A file with columns and rows can be loaded as a Lookup in Settings->Lookup->new file (Lookup table files)
Then also create a new Lookup Definition for your uploaded Lookup File.
You can access the created Lookup File in your search through:
| inputlookup yourLookupName
if all was done correctly you can search your source for data!
To add your search to a Dashboard just go to "Save as" in the top right of your search and create a Dashboard from there. You can also add Searches to existing Dashboards here if you pick "Existing"
I hope my explanation was helpful!
also for most of the questions you have, docs.splunk is your friend 🙂
https://docs.splunk.com/Documentation
Announcing Scheduled Export GA for Dashboard Studio
Extending Observability Content to Splunk Cloud
More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!
