×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
gsfiorese_au
Engager
Member since: ‎08-11-2015
‎06-05-2020
Community Statistics
Posts 5
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎08-11-2015
Activity Feed
View All

Re: Splunk Dashboard 6.x Examples Source Code: Whe...

by in All Apps and Add-ons
‎08-19-2015 08:29 PM
‎08-19-2015 08:29 PM
My apologies for reopening the topic ... But I have the same problem and even after restarting the splunk nothing happens. It is possible within the splunk open a window for editing the codes in javascript? Likewise which it appears on app Splunk Dashboard 6.x Examples?? I have done javascript and already put him on the right path: c:/program files/Splunk/etc/apps/app_gabriel/appserver/static and I have done the restart of the system but still can not view the source code within the Splunk. Anyway was wondering if this is possible, and if so what I have to do to be able to display correctly. Thank you all. ... View more

Re: Import a text data with a index

by in Splunk Search
‎08-16-2015 05:59 PM
‎08-16-2015 05:59 PM
Thank you!! Woodcock! ... View more

Re: Import a text data with a index

by in Splunk Search
‎08-13-2015 10:12 PM
‎08-13-2015 10:12 PM
Sorry I forget my code for dashboard: <form> <label>Databases and Datatables - Search</label> <description>List of Databases and Datatables from HIVE</description> <fieldset autoRun="true" submitButton="true"> <input type="text" token="database"> <label>Enter an Database Name</label> <default></default> <prefix>vix_input_1_splitter_hive_dbname=</prefix> <sufix></sufix> </input> <input type="text" token="datatable"> <label>Enter an Database Name</label> <default></default> <prefix>vix_input_1_splitter_hive_tablename=</prefix> <sufix></sufix> </input> </fieldset> <row> <table> <title>Databases and Datatables list found in the file:</title> <search> <query> search $database$ $datatable$ sourcetype="my_data" | table vix_input_1_splitter_hive_dbname vix_input_1_splitter_hive_tablename | rename vix_input_1_splitter_hive_dbname AS "Database Name" | rename vix_input_1_splitter_hive_tablename AS "Datatable Name" </query> </search> <!--earliestTime>-60m@m</earliestTime--> <latestTime>now</latestTime> <option name="drilldown">row</option> <option name="count">10</option> </table> </row> </form> Tks, Gabriel ... View more

Re: Import a text data with a index

by in Splunk Search
‎08-13-2015 09:59 PM
‎08-13-2015 09:59 PM
Hi Woodcock, Thanks for the reply and I'm sorry if I was not clear, if it is not uncomfortable try to explain better now. Every day the txt file (myfile.txt) is imported into splunk and the data are shown through the dashboard below: As I have many informations (1 for n) the visualization is compromised and too long, and many pages are generated and this complicates the search. Apollo >> Table_BlaBla_1 Apollo >> Table_BlaBla_2 Apollo >> Table_BlaBla_3 Gendesk >> Table_Genx_1 Gendesk >> Table_Genx_2 Gendesk >> Table_Genx_3 Gendesk >> Table_Genx_4 I need the header once appears, and the dependencies come down (something like a tree view) Apollo Table_BlaBla_1 Table_BlaBla_2 Table_BlaBla_3 Gendesk Table_Genx_1 Table_Genx_2 Table_Genx_3 Table_Genx_4 Below is the code I used to create the dashboard, if his reach to help me or anyone else will be grateful. ... View more

Import a text data with a index

by in Splunk Search
‎08-11-2015 08:21 PM
‎08-11-2015 08:21 PM
Hello everyone, I'm starting with the development in splunk... Each time a new database or datatable and created on the server, I have a service that generates a text file with the respective Info thereof, for example: [hive_APOLLO_APOLLO_DATA] vix.description = (hive orc) edb exit nbn database vix.input.1.path = /data/tdc/prd/corp/base/edb/APOLLO/... vix.provider = bud_hive_orc vix.input.1.splitter.hive.dbname = APOLLO vix.input.1.splitter.hive.tablename = APOLLO_DATA vix.input.1.splitter.hive.fileformat = orc [hive_APOLLO_EPI_IV_CLI] vix.description = (hive orc) edb exit nbn database vix.input.1.path = /data/tdc/prd/corp/base/edb/APOLLO/... vix.provider = bud_hive_orc vix.input.1.splitter.hive.dbname = APOLLO vix.input.1.splitter.hive.tablename = EPI_IV_CLI vix.input.1.splitter.hive.fileformat = orc [hive_APOLLO_EPI_IV_NBN_CLI] vix.description = (hive orc) edb exit nbn database vix.input.1.path = /data/tdc/prd/corp/base/edb/APOLLO/... vix.provider = bud_hive_orc vix.input.1.splitter.hive.dbname = APOLLO vix.input.1.splitter.hive.tablename = EPI_IV_NBN_CLI vix.input.1.splitter.hive.fileformat = orc ... Once the data is imported into splunk the need to show the dashboard the entire information for the file. In this case when I click one of the results the system does the search and returns the information from block concerning the same, however, the index generated and generally for the file (main): What do I need and the index is generated based on information contained in square brackets ([hive_APOLLO_TEST_PARTITION]) so when I run the search system bring something like this: Main View DB1 DB1.TBL1 (virtual.index.1) -> links to Child View (virtual.index.1) Child View (virtual.index.1) <Search results for splunk search: index=virtual.index.1> DB1=APOLLO TBL1=APOLLO_DATA virtual.index.1=hive_APOLLO_APOLLO_DATA Sorry for the long text, someone help me? Thank you all! ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma given to
View All