Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Does anyone already have a Formatter (User defined language) for Splunk search text or dashboard XMLs on Eclipse or Notepad++?

koprai
Explorer
‎01-06-2015 11:57 AM

Searched a bit, but could find anything. Does anyone already have a Formatter for Splunk search text or Splunk dashboard XMLs (that include prettying the embedded search elements). Ideal if it is pluggable with Notepad++ or Eclipse.

Even though I write the searchTemplate and searchPostProcesses with proper indentation and line breaks on the dashboard XML, when I explore the search via the panel, the search indentations get lost. Indentations also get lost if dashboard.xml gets overwritten as a result of panel edits. Without indentation and formatting, it is very difficult to understand complicated queries.

A formatter that does indentation and line-breaks based on “|” and “[“ and “]” would be great. I know it is possible to define User Defined Language formatter in notepad++ and Eclipse. I wanted to know if someone already has it or if there is a Splunk Formatted App.. IMO native search text formatting should be a feature request for Splunk (both in dashboard XMLs and in search box)

Reply

mew1033
Explorer
‎11-28-2016 12:38 PM

I found one here: http://www.bbosearch.com/pretty
I'd really like to turn it into a sublime plugin or something...

0 Karma
Reply

MuS
SplunkTrust
SplunkTrust
‎01-06-2015 12:00 PM

not an real answer to your question but nice anyways https://github.com/yorokobi/vim-splunk

Reply
Get Updates on the Splunk Community!

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

At Cisco, purpose isn’t a tagline—it’s a commitment. Cisco’s FY25 Purpose Report outlines how the company is ...

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk

Join us for a live Demo Day at the Cisco Store on January 21st 10:00am - 11:00am PST In the fast-paced world ...

New Year. New Skills. New Course Releases from Splunk Education

A new year often inspires reflection—and reinvention. Whether your goals include strengthening your security ...