Solved: How to add a form for user input on a dashboard to...

raindrop18 · ‎02-28-2016

I have a dashboard using multiple sources and I would like to replace the fixed host input ( host=prdo*) with manual input by a user. This way, a user can add one or more host names and the dashboard will give all the statuses for that option. Is that possible?

Panel =1

index=prod* source=prodLog host=pr*-* "timeout" OR "error" OR "timed-out" OR "exception" AND NOT "step*time" | timechart count as timeout span=1h

Panel = 2

index=aws-production source=prodLog host=pr*-* "green" OR "blue" OR "red" AND NOT "white" | timechart count as Colorstatus span=1h

Currently, the dashboard extracts data from all hosts. My objective is for users to be able to search from the host they are interested in. Also, this will be great if this input can be used/shared on all panels just like "time range selector".

gyslainlatsa · ‎02-28-2016

hi,

try with this example

<form>
  <label>-------------------------------</label>
  <description>----------------------------------------</description>
  <fieldset autoRun="true" submitButton="false">
    <input type="time" token="tm" searchWhenChanged="true">
      <label>Select a time:</label>
      <default>Last 24 hours</default>
    </input>

  <input type="text" token="host_name" searchWhenChanged="true">
    <label>Enter a host:</label>
    <default>pr*-*</default>
  </input>

</fieldset>
  <row>
    <chart>
      <title>Panel1</title>
      <search>
        <query>index=prod* source=prodLog host=$host_name$ "timeout" OR "error" OR "timed-out" OR "exception" AND NOT "step*time"
       | timechart count as timeout span=1h</query>
      </search>
      <earliestTime>$tm.earliestTime$</earliestTime>
      <latestTime>$tm.latestTime$</latestTime>
      <option name="charting.chart">column</option>
    </chart>
    <table>
      <title>Panel2</title>
      <search>
        <query>index=aws-production source=prodLog host=$host_name$" green" OR "blue" OR "red" AND NOT "white" 
         | timechart count as Colorstatus span=1h</query>
      </search>
      <earliestTime>$tm.earliestTime$</earliestTime>
      <latestTime>$tm.latestTime$</latestTime>
      <option name="wrap">true</option>
      <option name="displayRowNumbers">true</option>
      <option name="dataOverlayMode">none</option>
      <option name="drilldown">row</option>
      <option name="count">5</option>
    </table>
  </row>
</form>

View solution in original post

gyslainlatsa · ‎02-28-2016

hi,

try with this example

<form>
  <label>-------------------------------</label>
  <description>----------------------------------------</description>
  <fieldset autoRun="true" submitButton="false">
    <input type="time" token="tm" searchWhenChanged="true">
      <label>Select a time:</label>
      <default>Last 24 hours</default>
    </input>

  <input type="text" token="host_name" searchWhenChanged="true">
    <label>Enter a host:</label>
    <default>pr*-*</default>
  </input>

</fieldset>
  <row>
    <chart>
      <title>Panel1</title>
      <search>
        <query>index=prod* source=prodLog host=$host_name$ "timeout" OR "error" OR "timed-out" OR "exception" AND NOT "step*time"
       | timechart count as timeout span=1h</query>
      </search>
      <earliestTime>$tm.earliestTime$</earliestTime>
      <latestTime>$tm.latestTime$</latestTime>
      <option name="charting.chart">column</option>
    </chart>
    <table>
      <title>Panel2</title>
      <search>
        <query>index=aws-production source=prodLog host=$host_name$" green" OR "blue" OR "red" AND NOT "white" 
         | timechart count as Colorstatus span=1h</query>
      </search>
      <earliestTime>$tm.earliestTime$</earliestTime>
      <latestTime>$tm.latestTime$</latestTime>
      <option name="wrap">true</option>
      <option name="displayRowNumbers">true</option>
      <option name="dataOverlayMode">none</option>
      <option name="drilldown">row</option>
      <option name="count">5</option>
    </table>
  </row>
</form>

raindrop18 · ‎02-28-2016

thanks ! there is no input (form) created I just got "-------------------------------
----------------------------------------" above time selector. and the dash-board itself say " waiting for input"

gyslainlatsa · ‎02-29-2016

sorry I had made a mistake in the code but I corrected.

copy the new code and try again

raindrop18 · ‎02-29-2016

thanks, all good now!!!

gyslainlatsa · ‎02-29-2016

happy for you,

don't forget to accepted and vote my answers

gyslainlatsa · ‎02-28-2016

hi,
Yes it's possible,
displays your code I try to help you

raindrop18 · ‎02-28-2016

thanks much! I have updated the question. so the dashboard has 10 panel but I have the code from the 2 panels.

gyslainlatsa · ‎02-28-2016

you want to add a box to allow the user to enter the name of the host it wants and select the timerange he wants?

raindrop18 · ‎02-28-2016

I have already time-range selector, I want the box enter the host name.

How to add a form for user input on a dashboard to only run panel searches for data from certain hosts?

Routing logs with Splunk OTel Collector for Kubernetes

Welcome to the Splunk Community!

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM