Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About av_
av_
Explorer
Member since:
09-19-2021
2 weeks ago
Community Statistics
| Posts | 23 |
| Solutions | 0 |
| Karma Given | 3 |
| Karma Received | 0 |
| Member Since | 09-19-2021 |
Activity Feed
- Posted Re: cron schedule on Splunk Enterprise. 2 weeks ago
- Posted Re: cron schedule on Splunk Enterprise. 2 weeks ago
- Posted cron schedule: How can we cutomise the cron? on Splunk Enterprise. 2 weeks ago
- Posted Customized landing page for an existing splunk application with some background color/image? on Dashboards & Visualizations. 07-24-2023 02:43 AM
- Posted Re: How to add different background color for dashboard & panels on Splunk Search. 07-10-2023 02:21 AM
- Posted How to add different background color for dashboard & panels? on Splunk Search. 07-07-2023 07:32 AM
- Tagged How to add different background color for dashboard & panels? on Splunk Search. 07-07-2023 07:32 AM
- Posted How to make two textboxes work with a submit link if either of them is empty or both of them are not empty? on Dashboards & Visualizations. 02-20-2023 02:41 AM
- Posted Re: How to make a column value clickable? on Dashboards & Visualizations. 02-06-2023 04:16 AM
- Karma Re: How to make a column value clickable? for ITWhisperer. 02-06-2023 04:16 AM
- Posted Re: How to make a column value clickable? on Dashboards & Visualizations. 02-06-2023 03:42 AM
- Posted How to make a column value clickable? on Dashboards & Visualizations. 02-06-2023 01:37 AM
- Posted Re: Enterprise 8.0: How to convert advanced xml dashboards to simple xml dashboards? on Dashboards & Visualizations. 09-13-2022 06:58 AM
- Posted Enterprise 8.0: How to convert advanced xml dashboards to simple xml dashboards? on Dashboards & Visualizations. 09-09-2022 01:44 AM
- Tagged Enterprise 8.0: How to convert advanced xml dashboards to simple xml dashboards? on Dashboards & Visualizations. 09-09-2022 01:44 AM
- Posted Re: Getting the occurrence count when there is no event for the same on Splunk Search. 10-11-2021 09:06 PM
- Posted Re: Getting the occurrence count when there is no event for the same on Splunk Search. 09-30-2021 03:44 AM
- Posted Re: Getting the occurrence count when there is no event for the same on Splunk Search. 09-30-2021 02:13 AM
- Posted Re: Getting the occurrence count when there is no event for the same on Splunk Search. 09-29-2021 11:13 PM
- Posted Re: Getting the occurrence count when there is no event for the same on Splunk Search. 09-29-2021 10:39 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
2 weeks ago
@efavreau You're right about 21:00 Sunday GMT would be 5:00 Monday BJT but if you see the cron, it is running from 0-13 on a Sunday which is incorrect and we need to exclude that. How can we exclude this extra cron schedule.
... View more
2 weeks ago
Hi @efavreau, changing it from 1-5 would miss some alerts which are supposed to trigger monday morning. As I said there's a time difference. The splunk instance is in GMT while the alerts are being scheduled for China Time.
... View more
2 weeks ago
My splunk instance is running in GMT and I want to schedule an alert as per China time. */5 21-23,0-13 * * 0-5 This is the cron. The logic is to trigger the alert every 5minutes from Monday to friday 5AM till 10 PM china Time but the alert is getting triggered on Sunday as well. How can we cutomise the cron?
... View more
- Tags:
- cron
- splunk search
Labels
- Labels:
-
troubleshooting
07-24-2023
02:43 AM
Can we create a customized landing page for an existing Splunk application with some background color/image? And traverse to the dashboard present in that app with the help of some dropdown or button? If yes, how can we do it in classic Splunk. Is it possible to do this with the help of dashboard studio?
... View more
Labels
- Labels:
-
CSS
-
Dashboard Studio
-
javascript
07-10-2023
02:21 AM
Hi @inventsekar This is the sample xml: <form version="1.1"> <label>Color Theme</label> <fieldset submitButton="true"> <input type="time" token="field1"> <label>Time</label> <default> <earliest>-24h@h</earliest> <latest>now</latest> </default> </input> <input type="dropdown" token="field2"> <label>Environment</label> <choice value="Prod">Prod</choice> <choice value="QA">QA</choice> <choice value="DEV">DEV</choice> </input> </fieldset> <row> <panel> <title>Fusion(XPDS, WMOS)->GI Adapter(XPDS,WMOS,BZ,LF)->Ship GW->NSP->SCPI Inbound->SCPI Outbound->S4</title> </panel> <panel> <title>Fusion(XPDS, WMOS)->GI Adapter(XPDS,WMOS,BZ,LF)->NSP Topic->Shipped BRE service / SQS in Ship GW ->NSP->SCPI Inbound->SCPI Outbound->S4</title> </panel> </row> <row> <panel> <chart> <title>2nd Panel</title> <search> <query>index=main</query> <earliest>-24h@h</earliest> <latest>now</latest> </search> <option name="charting.chart">line</option> <option name="charting.drilldown">none</option> </chart> </panel> <panel> <table> <title>First Panel</title> <search> <query>Index=main</query> <earliest>-24h@h</earliest> <latest>now</latest> </search> <option name="drilldown">none</option> </table> </panel> </row> </form> Reference image is attached in the beginning of the thread.
... View more
07-07-2023
07:32 AM
Hi,
I have got a requirement to enhance the UI of a simple Splunk classic dashboard. I need to add different color for the dashboard background and different color for the dashboard panel. The reference image is attached below.
Can anyone help me with this.
... View more
- Tags:
- background color
Labels
- Labels:
-
chart
02-20-2023
02:41 AM
Hi,
I am facing an issue while implementing two textboxes in splunk dashboard.
Requirement is to make the submit button work in three scenarios:
1. Either of the textbox is empty
2. Both the textboxes are not empty
The submit button is not working as expected.
I am attaching the code here. Please have a look and let me know what's going wrong.
<row> <panel> <title>MAKE THE TEXTBOX WORK</title> <input type="text" token="text1" searchWhenChanged="true"> <label>TEXTBOX1</label> <default></default> <change> <unset token="isLifeCycleSubmit"></unset> <set token="submitLifeCycle">true</set> <unset token="setSubmitLifeCycle"></unset> <unset token="form.setSubmitLifeCycle"></unset> </change> </input>
<input type="text" token="text2" searchWhenChanged="true"> <label>TEXTBOX2</label> <default></default> <change> <unset token="isLifeCycleSubmit"></unset> <set token="submitLifeCycle">true</set> <unset token="setSubmitLifeCycle"></unset> <unset token="form.setSubmitLifeCycle"></unset> </change> </input> <input type="time" token="lifeTime"> <label>Select Time</label> <default> <earliest>@d</earliest> <latest>now</latest> </default> <change> <unset token="isLifeCycleSubmit"></unset> <set token="submitLifeCycle">true</set> <unset token="setSubmitLifeCycle"></unset> <unset token="form.setSubmitLifeCycle"></unset> </change> </input> <input id="submitLifeCycle" type="link" token="submitLifeCycle" searchWhenChanged="true" depends="$submitLifeCycle$"> <label></label> <choice value="true">Submit</choice> <change> <set token="isLifeCycleSubmit">true</set> <unset token="submitLifeCycle"></unset> <unset token="form.submitLifeCycle"></unset> <set token="setSubmitLifeCycle">true</set> </change> </input> <input id="setSubmitLifeCycle" type="link" token="setSubmitLifeCycle" searchWhenChanged="true" depends="$setSubmitLifeCycle$"> <label></label> <choice value="true">Submit</choice> </input> </panel> </row>
<row> <panel > <table> <title>QUERY</title> <search> <query>index=abc sourcetype ...|eval isSubmit=$isLifeCycleSubmit$ </query>
</search>
</table>
... View more
Labels
- Labels:
-
simple XML
-
token
02-06-2023
04:16 AM
@ITWhisperer This worked. Thanks!
... View more
02-06-2023
03:42 AM
@ITWhisperer , Thanks you for the solution. I tried it but it is not working for me. I am sharing a piece of my source code. Please let me know how can I incorporate your solution in my code. <panel id="panel1006"> <input id="showCollapseLink5" type="link" token="tokLinkCollapse5" searchWhenChanged="true" depends="$showCollapseLink5$"> <label></label> <choice value="collapse">-</choice> <change> <condition value="collapse"> <set token="showExpandLink5">true</set> <unset token="form.tokLinkCollapse5"></unset> </condition> </change> </input><input id="linkExpand5" type="link" token="tokLinkExpand5" searchWhenChanged="true" depends="$showExpandLink5$"> <label></label> <choice value="expand">+</choice> <change> <condition value="expand"> <set token="showCollapseLink5">true</set> <unset token="showExpandLink5"></unset> <unset token="form.tokLinkExpand5"></unset> </condition> </change> </input> <table rejects="$showExpandLink5$"> <title>Show field values</title> <search> <query>index=main sourcetype=abc |table name host link</query> <earliest>$fieldEarliestTime$</earliest> <latest>$fieldLatestsTime$</latest> </search> <option name="count">5</option> <option name="drilldown">cell</option> <option name="refresh.display">progressbar</option> <drilldown> <condition field=" link"> <link target="_blank">$link|n$</link> </condition> <condition field="*"></condition> </drilldown> </table> </panel>
... View more
02-06-2023
01:37 AM
I have created a Splunk dashboard in which a panel consists of a table. The table has multiple columns wherein one column values consists of URL. The URL is clickable. I have used the following piece of code to make it clickable. <drilldown> <condition field="abc"> <link target="_blank">$row.abc|n$</link> </condition> <condition field="*"></condition> </drilldown> Now, the problem is that the entire row is highlighted in blue and when I hover the mouse over any column, it gives an impression that the field value is clickable when it is not. I want all the column values to stay in black and unselected. Only the URL values shall remain highlighted.
... View more
09-13-2022
06:58 AM
Thanks @gcusello . I’ll try it out.
... View more
09-09-2022
01:44 AM
Can anyone explain me the steps to be followed to convert advanced xml dashboards to simple xml dashboards.
... View more
- Tags:
- Advanced XML
Labels
- Labels:
-
simple XML
10-11-2021
09:06 PM
Hi @ITWhisperer , There has been an enhancement in my use case. Would need your help!!! Now, we need to take Assignment Group(AG) into consideration as well. If a task is in Draft state and it belongs to "AG1" & after some days it gets assigned to "AG2", so we need to count the transition in state with respect to the assignment group it belongs to. We want to calculate for how many days task123 was in a particular state & belonged to AG1, then it got assigned to AG2 so for how many days it was in a particular state with AG2 as assignment group.
... View more
09-30-2021
02:13 AM
I'm working on Splunk version 8.2 sourcetype="pqr:task" dv_number="task*" | table dv_number dv_state _time | stats earliest(_time) as _time by dv_number dv_state | eval _time=relative_time(_time,"@d") | xyseries _time dv_number dv_state | makecontinuous _time span=1d | filldown | streamstats values(*) as * window=2 current=t | untable _time dv_number dv_state | eval dv_state=if(dv_state="complete",null(),mvindex(split(dv_state," "),0)) | eval count=1 | eval _time=_time."!".dv_number | xyseries _time dv_state count | fillnull value=0 | eval number=mvindex(split(_time,"!"),1) | eval _time=mvindex(split(_time,"!"),0) | table _time number Draft "Work in progress" Complete | stats sum(Draft) as Draft, sum(Work in progress) as "WIP", sum(Complete) as Complete by _time Reply
... View more
09-29-2021
11:13 PM
"Task123" is completed on 15-Mar-21 but the entry is getting extended till 04-Jun-21, that's because the other task "Task456" is getting completed on 04-Jun-21. So the requirement is that the Completed entry for "task123" shall only be restricted till 15-Mar-21. The entries marked in Yellow are not required.
... View more
09-29-2021
09:00 AM
Hi @ITWhisperer , The solution given by you is working perfectly fine but I am facing one issue with one scenario. Let' say I have selected the time range as "All Time" and there is a task which is in Draft from 19-Feb-21 to 20-Feb-21, WIP from 21-Feb-21 to 23-Feb-21 and the task gets completed on 24-Feb-21. Since, we have used "Filldown" in the query, it is filling all the timestamps with "Complete" till today which is wrong as we want only one entry for "Complete". PS: the "Filldown" is working fine for Draft & WIP. Since "Complete" is the last stage, so only one entry should be visible. Is there any way to do that?
... View more
09-20-2021
10:33 PM
Hi!!! Your solution works fine for one task but in the real dataset I have more than a hundred tasks. How to evaluate the count in such case?
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
2 weeks ago
|
