Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to make rows in red color of a search output If some condition met

kml_uvce
Builder
‎11-13-2011 08:25 AM

I want to make rows in red color of a search output If some condition met like my search is
index="siebel_mon" SourceName=Siebel Message="Siebel 7 -" |fields _time,siebel_message,EventCode

, So in search output the row should be in red color If EventCode=113.
Please help me on this.
-Kamal

kamal singh bisht
Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

Takajian
Builder
‎11-13-2011 03:23 PM

If you want to color your search result, you can use rangemap or eventtype with css. You can refer to following answer.

http://splunk-base.splunk.com/answers/8775/configure-colour-coded-results-by-default

Hope this help.

View solution in original post

Reply
Solved! Jump to solution

nfilippi_splunk
Splunk Employee
Splunk Employee
‎10-30-2014 08:51 AM

Check out the following app:

Splunk 6.x Dashboard Examples (https://apps.splunk.com/app/1603/)

This app includes an example, "Table Row Highlighting", that may be copied/used for your purposes.

Some things you'll need to do:

  • Add custom javascript to your app's appserver/static directory
  • Add custom css to your app's appserver/static directory
  • You will need to restart splunkd or splunkweb
  • Load these custom js/css files with your dashboard
  • Add id to your table element
  • Modify js to link to the table, cells, and to include the correct logic

Example source:

<dashboard script="table_row_highlighting.js" stylesheet="table_decorations.css">
    <label>Table Row Highlighting</label>

    <row>
        <table id="highlight">
            <title>Row Coloring</title>
            <searchString>index=_internal sourcetype=splunkd component=Metrics group=search_concurrency | eval user=coalesce(user, "system total") | bucket _time span=1h | stats avg(active_hist_searches) as active_hist_searches avg(active_realtime_searches) as active_realtime_searches by _time,user</searchString>
            <earliestTime>-24h</earliestTime>
            <option name="drilldown">none</option>
        </table>
    </row>

</dashboard>
0 Karma
Reply
Solved! Jump to solution
Solution

Takajian
Builder
‎11-13-2011 03:23 PM

If you want to color your search result, you can use rangemap or eventtype with css. You can refer to following answer.

http://splunk-base.splunk.com/answers/8775/configure-colour-coded-results-by-default

Hope this help.

Reply
Get Updates on the Splunk Community!

.conf25 Community Recap

Hello Splunkers, And just like that, .conf25 is in the books! What an incredible few days — full of learning, ...

Splunk App Developers | .conf25 Recap & What’s Next

If you stopped by the Builder Bar at .conf25 this year, thank you! The retro tech beer garden vibes were ...

Congratulations to the 2025-2026 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...