Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About Brausepaule
Brausepaule
Path Finder
Member since:
02-14-2023
03-07-2023
Community Statistics
| Posts | 21 |
| Solutions | 2 |
| Karma Given | 2 |
| Karma Received | 4 |
| Member Since | 02-14-2023 |
Activity Feed
- Got Karma for Re: Where can I find CSS for Link List Selected Item?. 03-07-2023 04:56 AM
- Posted Re: Where can I find CSS for Link List Selected Item? on Dashboards & Visualizations. 03-06-2023 05:22 AM
- Karma Re: Where can I find CSS for Link List Selected Item? for danspav. 03-06-2023 05:22 AM
- Karma Re: Where can I find CSS for Link List Selected Item? for Tom_Lundie. 03-06-2023 05:22 AM
- Posted Re: Where can I find CSS for Link List Selected Item? on Dashboards & Visualizations. 03-06-2023 04:51 AM
- Posted Re: Where can I find CSS for Link List Selected Item? on Dashboards & Visualizations. 03-05-2023 11:37 PM
- Posted Re: Is it possible to add legend to the bottom left ? on Dashboards & Visualizations. 03-05-2023 11:32 PM
- Posted Where can I find CSS for Link List Selected Item? on Dashboards & Visualizations. 03-03-2023 03:19 AM
- Posted Re: Is it possible to add legend to the bottom left ? on Dashboards & Visualizations. 03-03-2023 03:16 AM
- Posted Re: Create a custom column on Splunk Enterprise. 03-01-2023 09:52 AM
- Posted Re: Create a custom column on Splunk Enterprise. 03-01-2023 09:32 AM
- Got Karma for Re: Create a custom column. 03-01-2023 09:20 AM
- Posted Re: Create a custom column on Splunk Enterprise. 03-01-2023 09:10 AM
- Got Karma for Re: Create a custom column. 03-01-2023 09:00 AM
- Posted Re: Hiding search dialog when viewing alert results / OR: escaping tokens in alerts? on Alerting. 03-01-2023 08:52 AM
- Posted Re: Create a custom column on Splunk Enterprise. 03-01-2023 08:51 AM
- Posted Re: Hiding search dialog when viewing alert results / OR: escaping tokens in alerts? on Alerting. 03-01-2023 08:45 AM
- Posted Re: Create a custom column on Splunk Enterprise. 03-01-2023 08:36 AM
- Posted Re: How to search to find disabled alert? on Splunk Search. 02-28-2023 12:34 PM
- Posted Re: Search to find disabled alert on Splunk Search. 02-28-2023 05:52 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
03-06-2023
05:22 AM
1 Karma
Hi Tom, actually the other css from @danspav worked already it was simply not visible due to my background... the selection border is not my primary intend...i just wanted to know how to edit the style of the selcted button even when something else on the dashboard gets selected... now i can do this... Thanks mates...karma incoming 😉
... View more
03-06-2023
04:51 AM
Hi Tom, no worries i have a working link list with ID and everything and as stated to begin with the CSS applies well until i select something else in the dashboard...here is what i have got: This is my linklist...sorry in german, but that does not impact anything anyhow 😉 Here is my simple XML for it: <input type="link" token="field2" id="link_list_finops">
<label>...</label>
<choice value="overview">FinOps Overview</choice>
<choice value="util_vs_cost">Nutzung <-> Kosten</choice>
<choice value="cost_vs_budget">Kosten <-> Budget</choice>
<choice value="benefits">Mehrwerte</choice>
<choice value="why_splunk">Warum Splunk?</choice>
<default>FinOps Overview</default>
<change>
<condition value="overview">
<set token="tok_overview"></set>
<unset token="tok_util_vs_cost"></unset>
<unset token="tok_benefits"></unset>
</condition>
<condition value="util_vs_cost">
<unset token="tok_overview"></unset>
<set token="tok_util_vs_cost"></set>
<unset token="tok_benefits"></unset>
</condition>
<condition value="benefits">
<unset token="tok_overview"></unset>
<unset token="tok_util_vs_cost"></unset>
<set token="tok_benefits"></set>
</condition>
</change>
</input> Here is my current CSS for the current style: #link_list_finops {
width: 100% !important;
}
#link_list_finops.input-link label {
font-size: 18px;
font-weight: bold;
}
#link_list_finops.input-link button{
border-bottom: 1px solid white;
margin: 5px !important;
color: white !important;
font-family:Ink Free !important;
font-weight: bold !important;
} As you can see in the screenshot the button is very well highlighted by the default css behavior, but when i click somewhere in my dashboard in goes to this: adding the aria-checked CSS does not change the behavior when i click on something else in the dashboard.
... View more
03-05-2023
11:37 PM
Hi danspav, the part for aria-checked would be the one i am looking for: div#platform button[aria-checked="true"]{
border:3px solid #6b7785!important;
} However as soon as i click somewhere else after selecting the button, the border disappears again. Does it really stay with a thick border after clicking in a chart or something? Kind regards, Michael
... View more
03-05-2023
11:32 PM
Hi Vish, i myself am not that good with CSS sorry. I checked and the object in question would be highcharts-legend, however as with the title object it does not respond to alignments. Just hover with the mouse over the legend and then right-click and select "Inspect". Kind regards, Michael
... View more
03-03-2023
03:19 AM
Hi All,
i love link lists, however i cannot find the apropriate pseude type to manipulate the appearance of the selected Item. on this site:
https://www.mediaevent.de/css/css-selektor-pseudo.html
there are examples of pseudo types and "hover" and "selected" work like a charme, however the link list loses the ccs styles once something else is selected in the dashboard. Can anyone help?
Kind regards,
Michael
... View more
Labels
- Labels:
-
CSS
-
dashboard
-
simple XML
03-03-2023
03:16 AM
Hello, try to add this option to your chart, or replace the existing one 😉 <option name="charting.legend.placement">bottom</option> if you want the legend to be aligned to the left then you will need some css
... View more
03-01-2023
09:52 AM
Okay if it is a big number we are talking reporting and not monitoring i guess. I am basically a novice myself but i use dirty tricks. They are not nice to look at and are probably more complicated tahn neccessary, but as long as no one else provides a better solution this will work. Use my last query to create the short table. save the results in a summary index: | collect index=<your_summary_index> Here it gets complicated...how often do you run the query? If it is very frequent then we are talking about monitoring...in this case my solution will still work, but might pose consistency issues. In your query use a join a join command: | join type=left CorrelationID [ | search index=<your_summary_index>] this will add the field status to your main search based on the CorrelationID. IMPORTANT: run the query to populate the sumary index shortly before the query which uses it. Then in the join qualify earliest as -10min or so. give it a try 😉
... View more
03-01-2023
09:32 AM
okay so not as simple as i hoped. just to get an idea...about how many IDs and lines are we talking about?
... View more
03-01-2023
09:10 AM
1 Karma
please try this: | stats values(tracePoint) as all_states by CorrelationID | eval status = Case(all_states LIKE "%EXCEPTION%", "ERROR", all_states LIKE "%END%", "SUCCESS", 1==1, "UNKOWN") | table CorrelationID status
... View more
03-01-2023
08:52 AM
can you provide a screenshot of what you actually mean?
... View more
03-01-2023
08:51 AM
1 Karma
my Case Statement was an example, but anyhow you intend to flag events with same identifier based on one event with that identifier...in this case my solution would never work, as i judges each line byitself. do you need the actuall list or would this suffice: CorrelationID Status 123 SUCCESS 456 ERROR 789 UNKNOWN
... View more
03-01-2023
08:45 AM
Hello, please check first if you checked something by mistake:
... View more
03-01-2023
08:36 AM
Hi, your example is abit confusing as you have three different states for the same tarcePoint value "START" try something like this: <your normal query> | eval status = Case(tracePoint LIKE "%EXCEPTION%", "ERROR", tracePoint LIKE "%<your criteria here>%", "SUCCESS", 1==1, "UNKOWN") then just table all three columns
... View more
02-28-2023
12:34 PM
how many users are able to edit your alerts? Maybe you should revisit your permissions on alerts first 😉
... View more
02-28-2023
05:52 AM
Hi, all alerts should be saved searches and you can query them like explained here: https://community.splunk.com/t5/Alerting/How-can-I-query-to-get-all-alerts-which-are-configured/td-p/288845 as you only want to find disabled alerts (there are already a lot by default) you should only scan for line items where disabled=1 do that in a saved search itself quering all disabled saved searches..and it should work
... View more
02-28-2023
05:18 AM
Hi All,
i am a bit puzzeled. I know that connecting to a foreign AWS account via user credentials is in itself a bit of an open issue (security wise), but it should work. And it does work for the Instance "Splunk Obeservability", however it does not for self hosted instance of Splunk Enterprise.
So both instances use the same user and therefore same policies.
I saw a post from way back that you should eliminate all namespaces not needed anyhow. So I did and am left with two namespaces/dimensions i know should fetch information => AWS/EC2, AWS/EBS.
I also have a local AMI Role for my local AWS account which works just fine, even with dimensions not used in AWS.
There is however one abnormality in the logs:
Input via Splunk_AWS_Role works great, but input with Cross_Splunk_Connection delivers no data, but also does not log any errors.
Any help is very much appreciated.
Kind regards,
Mike
... View more
Labels
- Labels:
-
configuration
-
troubleshooting
02-23-2023
09:57 AM
Hi, maybe a simple linklist may help. Use the input to create a token on condition and have an external serach waiting for that token to be anything else than null <row> <panel> <input type="link" token="field0"> <label><your label here></label> <choice value="trigger_stuff">Trigger Stuff</choice> <change> <condition value="trigger_stuff"> <set token="tok_trigger_action">"aloha"</set> </condition> </change> </input> </panel> </row> <search depends="$tok_trigger_action$"> <query> do what you want here </query> <done> <unset token="tok_trigger_action"></unset> <unset token="form.field0"></unset> </done> </search> you can throw some css styles on it to make it look like a button 😉
... View more
02-23-2023
01:55 AM
I found this policy...not sure if everything in there is needed, but as a start it works: { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "apigateway:GET", "autoscaling:DescribeAutoScalingGroups", "cloudformation:ListResources", "cloudformation:GetResource", "cloudfront:GetDistributionConfig", "cloudfront:ListDistributions", "cloudfront:ListTagsForResource", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData", "cloudwatch:ListMetrics", "directconnect:DescribeConnections", "dynamodb:DescribeTable", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "ec2:DescribeInstances", "ec2:DescribeInstanceStatus", "ec2:DescribeNatGateways", "ec2:DescribeRegions", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeTags", "ec2:DescribeVolumes", "ecs:DescribeClusters", "ecs:DescribeServices", "ecs:DescribeTasks", "ecs:ListClusters", "ecs:ListServices", "ecs:ListTagsForResource", "ecs:ListTaskDefinitions", "ecs:ListTasks", "eks:DescribeCluster", "eks:ListClusters", "elasticache:DescribeCacheClusters", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeTargetGroups", "elasticmapreduce:DescribeCluster", "elasticmapreduce:ListClusters", "es:DescribeElasticsearchDomain", "es:ListDomainNames", "kinesis:DescribeStream", "kinesis:ListShards", "kinesis:ListStreams", "kinesis:ListTagsForStream", "kinesisanalytics:ListApplications", "kinesisanalytics:DescribeApplication", "lambda:GetAlias", "lambda:ListFunctions", "lambda:ListTags", "logs:DeleteSubscriptionFilter", "logs:DescribeLogGroups", "logs:DescribeSubscriptionFilters", "logs:PutSubscriptionFilter", "organizations:DescribeOrganization", "rds:DescribeDBInstances", "rds:DescribeDBClusters", "rds:ListTagsForResource", "redshift:DescribeClusters", "redshift:DescribeLoggingStatus", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketTagging", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:PutBucketNotification", "sqs:GetQueueAttributes", "sqs:ListQueues", "sqs:ListQueueTags", "states:ListActivities", "states:ListStateMachines", "tag:GetResources", "workspaces:DescribeWorkspaces" ], "Resource": "*" } ] }
... View more
02-22-2023
01:47 AM
Hi All,
i saw that there have been previous posts about this topic, but none resolves my issue. I have created a IAM role with CloudWatchFullAccess and i assigned it to the EC2 Instance Splun k is running on. And the role was auto-discovered and when setting up an Input for CloudWatch i was able to use that role.
So sofar everything is peachy, but i get no metrics in the configured Index.
Am I missing a policy for the IAM Role?
Kind regards,
Mike
... View more
Labels
- Labels:
-
troubleshooting
02-15-2023
07:30 AM
Hi, i gave up with flexbox...maybe it is even matter of chrome, firefox, etc. I ended up using the common approch with an h2 mimic via css styles: On the left is the centerd title for the original panel-title with the weird negative offset In the middle is the standard version of the h2 mimic which i always found to be a bit hard on the eyes in relation to the charts on the right ist the h2-mimic with margins... .h2-mimic { background:#177843 !important; color:white !important; text-align: center !important; font-weight: bold !important; border-top-right-radius: 15px; border-top-left-radius: 15px; height: 38px; !important; margin-top: -10px; !important; margin-left: -10px; !important; margin-right: -10px; !important; display: flex; !important; justify-content: center; !important; align-items: center; !important; font-size: 16px; !important; } Kind regards, Mike
... View more
02-14-2023
09:29 AM
Hi,
i do know that you simply can add a html part above the charts to replace the actual panel title and that class used in the html part is easily centered. However it is not as wide as the chart below.
You also can use css to change the style of the panel title itself, but fpr some reason it has a weird offset and is not truly centered. The same is true for chart titles...
Back in a project i found a way to use flexbox to truly center the native .panel-title style
But for the hell of me, i can not put it back together. The problem is that the flexbox itself is already not centered in the panel header.
Any ideas are greatly appreciated.
Kind regards,
Mike
... View more
Labels
- Labels:
-
panel
-
simple XML
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
03-07-2023
05:19 AM
|
