Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk forms

Deepz2612
Explorer
‎01-22-2019 08:07 PM

I would want to know if I can create a form as below :

Time : 23/01
No of Events : 57
Exceptions : 400 - site not found
ABCD : take the next action
EFG : refer the instructions guide

The left side should remain constant and the right side gets populated with the data from Splunk on the occurrence of a particular event.

Tags (1)
0 Karma
Reply

vishaltaneja070
Motivator
‎01-23-2019 02:21 AM

Hello @Deepz2612

Yes, you can create a Splunk Dashboard like this.

You can use stats to find the no of events and exception etc. After that run transpose command to get the data in particular format.
And finally set auto refresh of dashboard.

0 Karma
Reply

Deepz2612
Explorer
‎01-23-2019 02:51 AM

Thanks you..
Is it possible to have one of the row as dashboard visualization (graph) as among the many rows that I wanted in the dashboard?

Row 1 -> Some data
Row 2 -> Some data
Row 3 -> Graph

0 Karma
Reply

vishaltaneja070
Motivator
‎01-23-2019 03:10 AM

@Deepz2612
There is app called Splunk Dashboard examples which can help you to solve the visualisation part.
https://splunkbase.splunk.com/app/1603/

0 Karma
Reply
Get Updates on the Splunk Community!

Index This | When is October more than just the tenth month?

October 2025 Edition  Hayyy Splunk Education Enthusiasts and the Eternally Curious!   We’re back with this ...

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

What’s New & Next in Splunk SOAR

 Security teams today are dealing with more alerts, more tools, and more pressure than ever.  Join us for an ...