Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

How to embed a timechart visualization from a Splunk query into a web app?

emiliavanderwer
Explorer
‎08-30-2018 08:06 AM

I have the following Splunk query that produces the following visualization:

alt text

I would like to embed this exact visualization into a web app using an iframe. How can I do this?

Currently, I am using the Splunk HTTP REST API and can submit & get the results back from this search using the following endpoint:
/servicesNS/nameofmyapp/nameofmynamespace/search/jobs/1535641234.45678?output_mode=json

However, I would like a src URL to the visualization that can be embedded in an iframe. Is there an endpoint that I can query instead that will give the URL to the visualization?

Preview file
55 KB
Reply
1 Solution
Solved! Jump to solution
Solution

aromanauskas
Path Finder
‎08-30-2018 10:03 AM

You have two basic options for providing visual data in an external application with Splunk.

Option 1: Grab the data with directly from a job. Then using a local application turn that data into a visualization.

Option 2: Use the SplunkJS Framework. To both pull the data from Splunk and create the visualization.

Option 2 in my opinion is a little bit easier since you don't need to learn how to convert the data to be usable by whatever viz tool you're going to choose, ie (Ds3.js). You can either jump over to the SplunkJS manual, or there is a really simple version in
"Learning Splunk Web Framework" by Vincent Sesto/Packt Pub 9781786462947 .

The basics though are:

  • Install a websever Nginx or Apache
  • Configure a proxy between the webserver and Splunk
  • Install the SplunkJS SDK
  • Add HTML / JS for search
  • Add HTML / JS for charts

View solution in original post

Reply
Solved! Jump to solution

aromanauskas
Path Finder
‎08-30-2018 11:17 AM

If you are using a homegrown C# SDK or the Splunk C# SDK then there are a few options.

Option 1, use D3.js for the visualization:
ASP example for D3

Option 2, convert OR incorporate the Splunk C# SDK which has the ability to create charts. Timeline for example: Charting Adapter

0 Karma
Reply
Solved! Jump to solution
Solution

aromanauskas
Path Finder
‎08-30-2018 10:03 AM

You have two basic options for providing visual data in an external application with Splunk.

Option 1: Grab the data with directly from a job. Then using a local application turn that data into a visualization.

Option 2: Use the SplunkJS Framework. To both pull the data from Splunk and create the visualization.

Option 2 in my opinion is a little bit easier since you don't need to learn how to convert the data to be usable by whatever viz tool you're going to choose, ie (Ds3.js). You can either jump over to the SplunkJS manual, or there is a really simple version in
"Learning Splunk Web Framework" by Vincent Sesto/Packt Pub 9781786462947 .

The basics though are:

  • Install a websever Nginx or Apache
  • Configure a proxy between the webserver and Splunk
  • Install the SplunkJS SDK
  • Add HTML / JS for search
  • Add HTML / JS for charts
Reply
Solved! Jump to solution

emiliavanderwer
Explorer
‎08-30-2018 10:11 AM

Thank you for your response. Option 2 is a little bit complicated because the web app is ASP.NET and written in C#. The way we have our current framework is we wrote a custom C# Splunk SDK that grabs the data.

Is there any way to pull the data from Splunk within our C# SDK and pass the data to the SplunkJS framework to create the visualization (instead of letting the SplunkJS SDK do both of the steps)?

0 Karma
Reply
Solved! Jump to solution

mstjohn_splunk
Splunk Employee
Splunk Employee
‎08-30-2018 10:28 AM

hey @emiliavanderwerf , Looks like @aronmanauskas answered your question! What a nice user. Would you mind tossing them a like? Our users live for those likes 🙂

Reply
Solved! Jump to solution

emiliavanderwer
Explorer
‎08-30-2018 10:30 AM

Liked. Thanks!

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...