Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to create dashboards so they update/refresh search results?

CREVITCH
Path Finder
‎01-19-2016 02:56 PM

I save dashboards from both search and report, and it appears that the dashboards run the search every time it is brought up, but does not refresh after that. I have read that it is supposed to display the cached search. What is the proper way to create dashboards so that they update properly. Is there a way to do this from Splunk Web or only in XML?

0 Karma
Reply

s2_splunk
Splunk Employee
Splunk Employee
‎01-19-2016 03:30 PM

Save your searches as reports (saved searches) and use the saved search name in your dashboards. The results of a saved search are kept in the dispatch directory for twice as long as your search timeframe, i.e. if you search over the past 4 hours, search results will be cached for 8 hours (by default) before being reaped.
Not sure what you meant with your second question in your comment.

0 Karma
Reply

CREVITCH
Path Finder
‎01-19-2016 02:57 PM

also is there any way to just display the results of an alert on a dashboard? The schedule is already in the alert. It would be nice to just display the results rather than create a new search.

0 Karma
Reply
Get Updates on the Splunk Community!

Upcoming Webinar: Unmasking Insider Threats with Slunk Enterprise Security’s UEBA

Join us on Wed, Dec 10. at 10AM PST / 1PM EST for a live webinar and demo with Splunk experts! Discover how ...

.conf25 technical session recap of Observability for Gen AI: Monitoring LLM ...

If you’re unfamiliar, .conf is Splunk’s premier event where the Splunk community, customers, partners, and ...

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey

There’s something special about this time of year—maybe it’s the glow of the holidays, maybe it’s the ...