Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About mnj1809
mnj1809
Path Finder
Member since:
06-27-2019
08-01-2023
Community Statistics
| Posts | 40 |
| Solutions | 2 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 06-27-2019 |
Activity Feed
- Posted Re: How can I apply color over the cells having special character in values? on Dashboards & Visualizations. 05-03-2023 05:31 AM
- Posted How can I apply color over the cells having special character in values? on Dashboards & Visualizations. 05-02-2023 08:01 AM
- Posted Re: incorrect value showing on line chart visualization on Dashboards & Visualizations. 04-26-2023 07:03 AM
- Posted Why is there an incorrect value showing on line chart visualization? on Dashboards & Visualizations. 04-26-2023 06:20 AM
- Posted Re: Multiselect input to hide/show multiple panels on Splunk Enterprise. 04-17-2023 04:55 AM
- Posted Re: Multiselect input to hide/show multiple panels on Splunk Enterprise. 04-17-2023 03:34 AM
- Posted Re: Multiselect input to hide/show multiple panels on Splunk Enterprise. 04-17-2023 01:37 AM
- Posted Re: Multiselect input to hide/show multiple panels on Splunk Enterprise. 04-17-2023 01:07 AM
- Posted How to achieve multiselect input to hide/show multiple panels? on Splunk Enterprise. 04-17-2023 12:00 AM
- Posted Re: how to convert tabular data to a specific format on Splunk Search. 12-16-2022 12:00 PM
- Posted How to convert tabular data to a specific format? on Splunk Search. 12-01-2022 11:16 AM
- Posted Re: How to change gauge color based on condition? on Dashboards & Visualizations. 11-07-2022 07:30 PM
- Posted How to change gauge color based on condition? on Dashboards & Visualizations. 11-04-2022 08:57 AM
- Posted Re: Condition based Joins on Splunk Search. 10-21-2022 04:01 AM
- Posted Re: Condition based Joins on Splunk Search. 10-17-2022 06:31 AM
- Posted Re: Condition based Joins on Splunk Search. 10-17-2022 05:52 AM
- Posted How to execute these condition based Joins? on Splunk Search. 10-17-2022 05:05 AM
- Posted Re: Reset token value to it's default value on click of a reset button on Dashboards & Visualizations. 06-16-2022 12:35 PM
- Posted Re: Reset token value to it's default value on click of a reset button on Dashboards & Visualizations. 06-16-2022 10:13 AM
- Posted Reset token value to it's default value on click of a reset button on Dashboards & Visualizations. 06-16-2022 09:03 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
05-03-2023
05:31 AM
Perfect !!! Thank you so much @bowesmana
... View more
05-02-2023
08:01 AM
Hello, I've a tabular data like below and I want to color the cells based on the following threshold. 0%-79% ==> Red 80%-99% ==> Yellow 100% ==> Green
I am applying below but without any success. I know that this is due to % symbol in the values. <format type="color" field="Passed Rules"> <colorPalette type="list">[#FF9999,#FFE699,#C6E0B4]</colorPalette> <scale type="threshold">80%,100%</scale> </format>
So how can I apply colors over the cell? Thanks in advance.
@ITWhisperer
... View more
04-26-2023
07:03 AM
Thanks richgalloway for your prompt response. Is there any way to show the string values/non-numerical data over the graph? @richgalloway
... View more
04-26-2023
06:20 AM
Hello There,
I've the data in below tabular format
but it's not showing correctly over the visualization. visualization should show either active or inactive based on the above table but it's showing 0.
@ITWhisperer
... View more
Labels
- Labels:
-
chart
04-17-2023
04:55 AM
Thank you so much. Works perfectly !!! @ITWhisperer
... View more
04-17-2023
03:34 AM
This given solution works perfectly. But my requirement is to use value="*" for "All" as I need to use this value in other panels. could you please share the updated dashboard xml having <choice value="*">All</choice> @ITWhisperer
... View more
04-17-2023
01:37 AM
As you can see in my shared dashboard xml, I've added the change handler but it's not working as expected. could you please share another solution to achieve the requirement or update my shared xml please. Please see the attached screenshot for your reference. I've selected "Windows" and "NIX" in the multiselect input but only "Windows Request Count" panel is shown however "NIX Request Count" panel should also be shown. @ITWhisperer
... View more
04-17-2023
01:07 AM
Thanks for your prompt response. I just want to show and hide panels based on the selection of values in Multiselect Input. For example, If I select "Windows" in the multiselect input then only panel "Windows Request Count" should be shown and if I select "Windows" and "NIX" in the multiselect input then panels "Windows Request Count" and NIX Request Count" should be shown.
... View more
04-17-2023
12:00 AM
Hello, Panels are not showing/hiding based on the selection of the multiselect input. <form> <label>Multiselect input to hide/show multiple panels</label> <search> <query> | makeresults | fields - _time | eval data="$service_tok$" | eval condition=case(match(data,"\*"),"show_all",match(data,"Windows") AND match(data,"NIX") AND match(data,"VMWare"),"show_all",match(data,"Windows"),"Windows",match(data,"NIX"),"NIX",match(data,"VMWare"),"VMWare") | eval show_all=case(condition="show_all","true") | eval show_windows=case(condition="Windows" OR condition="show_all","true") | eval show_nix=case(condition="NIX" OR condition="show_all","true") | eval show_vmware=case(condition="VMWare" OR condition="show_all","true") </query> <done> <condition match="$job.resultCount$!=0"> <eval token="tokShowAll">case(isnotnull($result.show_all$),$result.show_all$)</eval> <eval token="tokShowWindows">case(isnotnull($result.show_windows$),$result.show_windows$)</eval> <eval token="tokShowNIX">case(isnotnull($result.show_nix$),$result.show_nix$)</eval> <eval token="tokShowVMWare">case(isnotnull($result.show_vmware$),$result.show_vmware$)</eval> </condition> <condition> <unset token="tokShowAll"></unset> <unset token="tokShowWindows"></unset> <unset token="tokShowNIX"></unset> <unset token="tokShowVMWare"></unset> </condition> </done> </search> <fieldset submitButton="false"> <input type="time" token="field1"> <label></label> <default> <earliest>-60m@m</earliest> <latest>now</latest> </default> </input> <input type="multiselect" token="service_tok" searchWhenChanged="true"> <label>Select a Service</label> <choice value="*">All</choice> <choice value="Windows">Windows</choice> <choice value="NIX">NIX</choice> <choice value="VMWare">VMWare</choice> <change> <unset token="tokShowAll"></unset> <unset token="tokShowWindows"></unset> <unset token="tokShowNIX"></unset> <unset token="tokShowVMWare"></unset> </change> <default>*</default> <initialValue>*</initialValue> <delimiter> </delimiter> </input> </fieldset> <row> <panel> <title></title> </panel> </row> <row depends="$tokShowWindows$"> <panel> <table> <title>Windows Request Count</title> <search> <query>host=abcd source="/access.log*" | timechart span=1hr count by host</query> <earliest>-4h@m</earliest> <latest>now</latest> </search> </table> </panel> </row> <row depends="$tokShowNIX$"> <panel> <table> <title>NIX Request Count</title> <search> <query>host=abcd source="access.log" | timechart span=1hr count by host</query> <earliest>-4h@m</earliest> <latest>now</latest> </search> </table> </panel> </row> <row depends="$tokShowVMWare$"> <panel> <table> <title>VMWare Request Count</title> <search> <query>host=abcd source="access.log" | timechart span=1hr count by host</query> <earliest>-4h@m</earliest> <latest>now</latest> </search> </table> </panel> </row> </form>
@ITWhisperer
... View more
Labels
- Labels:
-
using Splunk Enterprise
12-16-2022
12:00 PM
Thanks for your prompt reply. Sorry for the late reply as I was out of town. The solution is working fine for me. @bowesmana
... View more
12-01-2022
11:16 AM
Hello, I've the following tabular formatted data:
How can I achieve the following:
Thanks in advance for your help. @ITWhisperer
... View more
Labels
- Labels:
-
table
11-07-2022
07:30 PM
Hello, I've done it by myself. We've to use primarycolor and secondarycolor in the panel search.
... View more
11-04-2022
08:57 AM
Hello, I've following 4 gauges in a panel and I want to change the color only for "Category:4" gauge based on the below values/threshold of "Category:4" gauge. Range Color 0-79 Red 80-99 Yellow 100 Green
Note: I don't want to change the color of gauges "Category:1", "Category:2","Category:3" (These gauges have different condition/threshold for color)
Thanks for your help in advance.
@ITWhisperer @gcusello
... View more
Labels
- Labels:
-
dashboard
10-21-2022
04:01 AM
First of all thanks to @ITWhisperer for the prompt responses but unfortunately the solution that you shared will not work in my use case. I find the solution from my own. What I did is just to take the ip in cmdb as null for windows because we can've multiple ips for windows workstations for the same host so that's why I don't want to use cmdb ip address to join with qualys ip address for windows, only want to use cmdb hostname to join with qualys hostname. But for nix category I want to use both cmdb ip address and hostname to join with qualys ip and hostname. ```cmdb ip and hostnames``` | eval ip=if(category="windows",null(),ip) | join max=0 type=LEFT host_name [```Qualys hostnames```] | join max=0 type=left ip [```Qualys ip```] @ITWhisperer
... View more
10-17-2022
06:31 AM
Hi Giuseppe, Thanks for your quick response but the solution that you provide will not work in my case. @gcusello
... View more
10-17-2022
05:52 AM
Thanks a lot for your prompt response. Yes we should avoid joins to improve the performance. but sometimes we've to use joins. 🙂 The main search has the different data source and the sub search has the different one. my requirement is to compare two inventories let's say CMDB and Qualys inventories based on IP and hostnames in the CMDB inventory. index=cmdb | stats values(*) as * by category, hostname, ip | join type=left hostname [search index=qualys | stats values(*) as * by hostname] | join type=left ip [search index=qualys | stats values(*) as * by ip] So my requirement is to join the cmdb hostnames with qualys hostnames only for "windows category" (I don't want to join the cmdb ip with qualys ip). But for nix category I want to join the cmdb hostnames and ip with both qualys hostnames and ip. So as this way I find the assets which are in cmdb and not in qualys. Hope this will help you to understand my requirement. @ITWhisperer @gcusello
... View more
10-17-2022
05:05 AM
Hello,
I need your help to find a way to achieve the following use case: in main search: I've to categories: Windows and NIX. both the categories have ip and hostname fields. category ip hostname windows x.x.x.x a nix y.y.y.y b Now my requirement is to join the above result set with another result set based on the following business rules:
- for windows, I want to join based on the hostname only. - for nix, I want to join based on both ip and hostname. Thanks in advance for the help.
... View more
Labels
- Labels:
-
join
06-16-2022
12:35 PM
Hello Bandit, The link you provided is for refreshing the dashboard and not for resetting the filters. @bandit
... View more
06-16-2022
10:13 AM
Hello, Thanks for your quick response but my requirement is to reset filters to their default values on click of a "BUTTON". @gcusello
... View more
06-16-2022
09:03 AM
Hello, I want to reset all the filters values to reset back to their default values when the Reset button is clicked. I tried a lot using JS but it's not working. Thanks in advance for your help @ITWhisperer
... View more
Labels
- Labels:
-
javascript
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
08-01-2023
10:19 AM
|
