Are you a member of the Splunk Community?
- Find Answers
- :
- Splunk Platform
- :
- Splunk Enterprise
- :
- How do I read the values from a dashboard table in...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello!
My objective is to read the values of a Spunk table visualization from a dashboard into a JavaScript object for further processing. I'm not sure what object yet, but my main issue lies with iterating through the table and extracting the cell values.
Can anybody provide some sample JS code for identifying the table object and interating through its values?
Thanks!
Andrew
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I would probably have done search parsing through Python but it can be done using Javascript.
Create a blocking search which will wait until the search in finished then reference the job object results field. The results can then be mapped to a list or dictionary for use. Once you have completed the tasks associated with the search values it can be rendered back to the dashboard.
require([],
function() {
var splunkWebHttp = new splunkjs.SplunkWebHttp();
var service = new splunkjs.Service(splunkWebHttp);
var searchQuery = "search index=_internal | head 5";
var searchParams = {exec_mode: "blocking"};
service.search(
searchQuery,
searchParams,
function(err, job) {
job.fetch(function(err){
console.log("Job ID: " + job.sid);
console.log("Max Results: " + job.properties().resultCount);
// iterate results by row
job.results({}, function(err, results) {
var fields = results.fields;
var rows = results.rows;
for(var i = 0; i < rows.length; i++) {
var values = rows[i];
console.log("Row " + i + ": ");
for(var j = 0; j < values.length; j++) {
var field = fields[j];
var value = values[j];
console.log(" " + field + ": " + value);
}
}
})
});
});
})
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I would probably have done search parsing through Python but it can be done using Javascript.
Create a blocking search which will wait until the search in finished then reference the job object results field. The results can then be mapped to a list or dictionary for use. Once you have completed the tasks associated with the search values it can be rendered back to the dashboard.
require([],
function() {
var splunkWebHttp = new splunkjs.SplunkWebHttp();
var service = new splunkjs.Service(splunkWebHttp);
var searchQuery = "search index=_internal | head 5";
var searchParams = {exec_mode: "blocking"};
service.search(
searchQuery,
searchParams,
function(err, job) {
job.fetch(function(err){
console.log("Job ID: " + job.sid);
console.log("Max Results: " + job.properties().resultCount);
// iterate results by row
job.results({}, function(err, results) {
var fields = results.fields;
var rows = results.rows;
for(var i = 0; i < rows.length; i++) {
var values = rows[i];
console.log("Row " + i + ": ");
for(var j = 0; j < values.length; j++) {
var field = fields[j];
var value = values[j];
console.log(" " + field + ": " + value);
}
}
})
});
});
})
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@jcraumer Thanks for this example, exactly what I need!
Fun with Regular Expression - multiples of nine
[Live Demo] Watch SOC transformation in action with the reimagined Splunk Enterprise ...
What’s New & Next in Splunk SOAR
