Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About MaximilianoML
MaximilianoML
Explorer
Member since:
09-26-2024
10-01-2024
Community Statistics
| Posts | 6 |
| Solutions | 1 |
| Karma Given | 2 |
| Karma Received | 0 |
| Member Since | 09-26-2024 |
Activity Feed
- Karma Re: Editing the style of the Saved Episode Reviews for marnall. 09-30-2024 08:45 AM
- Posted Re: Editing the style of the Saved Episode Reviews on Splunk ITSI. 09-30-2024 08:44 AM
- Posted Editing the style of the Saved Episode Reviews on Splunk ITSI. 09-27-2024 03:43 AM
- Posted Re: Customize the Episode Review dashboard using a JSON-formatted dashboard definition on Splunk ITSI. 09-27-2024 03:04 AM
- Posted Re: Customize the Episode Review dashboard using a JSON-formatted dashboard definition on Splunk ITSI. 09-26-2024 08:00 AM
- Posted Re: Customize the Episode Review dashboard using a JSON-formatted dashboard definition on Splunk ITSI. 09-26-2024 06:47 AM
- Karma Re: Customize the Episode Review dashboard using a JSON-formatted dashboard definition for ITWhisperer. 09-26-2024 06:47 AM
- Posted Customize the Episode Review dashboard using a JSON-formatted dashboard definition on Splunk ITSI. 09-26-2024 03:11 AM
Topics I've Started
09-30-2024
08:44 AM
Unfortunately, I can't recreate outside the ITSI App because the problem is inside the ITSI event management. The source code doesn't have anything about the Table that I talked about, btw. But, thank you for trying to help 🤝🙂 Maximiliano Lopes
... View more
09-27-2024
03:43 AM
Hello, Friends! So, I tried to change the height of the gap between these components: But in the Edit Dashboard I didn't find anything to change this: Thank you, guys 🙂
... View more
Labels
- Labels:
-
configuration
-
using ITSI
09-27-2024
03:04 AM
So, I didn't find how to use a base search, and then I just decided to proceed with a simple query as well in the Search Page. P.S. The stuff between ` are Macros, you can check here: https://itsi-*.splunkcloud.com/en-GB/manager/itsi/data/macros , it's interesting things but is not helpful for me right now. Thank you, friend! Maximiliano Lopes
... View more
09-26-2024
08:00 AM
This is the problem, I don't how this works... but I want to use the data that appears on the table in the bottom:
... View more
09-26-2024
06:47 AM
Hello, @ITWhisperer ! Yes, actually I'm editing the dashboard on https://itsi-*.splunkcloud.com/en-US/app/itsi/itsi_event_management? , and this is the view: I'm looking for a way to make a simple query in the results, like this code snippet: "dsQueryCounterSearch1": {
"options": {
"query": "| where AlertSource = AWS and AlertSeverity IN (6,5,4,3,1) | dedup Identifier | stats count as AWS",
"queryParameters": {
"earliest": "$earliest_time$",
"latest": "$latest_time$"
}
},
"type": "ds.search"
}, but doesn't return anything, any ideia how to refer the base search like the default querys? P.S: This data:
... View more
09-26-2024
03:11 AM
Hello, guys! I'm trying to use the episodes table as the base search in the Edit Dashboard view, as well in the Dashboard Classic using the source, but here we already have the results in the table. I'll attach my code snippet below: {
"dataSources": {
"dsQueryCounterSearch1": {
"options": {
"query": "| where AlertSource = AWS and AlertSeverity IN (6,5,4,3,1) | dedup Identifier | stats count as AWS",
"queryParameters": {
"earliest": "$earliest_time$",
"latest": "$latest_time$"
}
},
"type": "ds.search"
},
"mttrSearch": {
"options": {
"query": "| `itsi_event_management_get_mean_time(resolved)`",
"queryParameters": {
"earliest": "$earliest_time$",
"latest": "$latest_time$"
}
},
"type": "ds.search"
},
"episodesBySeveritySearch": {
"options": {
"query": "|`itsi_event_management_episode_by_severity`",
"queryParameters": {
"earliest": "$earliest_time$",
"latest": "$latest_time$"
}
},
"type": "ds.search"
},
"noiseReductionSearch": {
"options": {
"query": "| `itsi_event_management_noise_reduction`",
"queryParameters": {
"earliest": "$earliest_time$",
"latest": "$latest_time$"
}
},
"type": "ds.search"
},
"percentAckSearch": {
"options": {
"query": "| `itsi_event_management_get_episode_count(acknowledged)` | eval acknowledgedPercent=(Acknowledged/total)*100 | table acknowledgedPercent",
"queryParameters": {
"earliest": "$earliest_time$",
"latest": "$latest_time$"
}
},
"type": "ds.search"
},
"mttaSearch": {
"options": {
"query": "| `itsi_event_management_get_mean_time(acknowledged)`",
"queryParameters": {
"earliest": "$earliest_time$",
"latest": "$latest_time$"
}
},
"type": "ds.search"
}
},
"visualizations": {
"vizQueryCounterSearch1": {
"title": "Query Counter 1",
"type": "splunk.singlevalue",
"options": {
"backgroundColor": "#ffffff",
"sparklineDisplay": "off",
"trendDisplay": "off",
"trendValue": 0
},
"dataSources": {
"primary": "dsQueryCounterSearch1"
}
},
"episodesBySeverity": {
"title": "Episodes by Severity",
"type": "splunk.bar",
"options": {
"backgroundColor": "#ffffff",
"barSpacing": 5,
"dataValuesDisplay": "all",
"legendDisplay": "off",
"showYMajorGridLines": false,
"yAxisLabelVisibility": "hide",
"xAxisMajorTickVisibility": "hide",
"yAxisMajorTickVisibility": "hide",
"xAxisTitleVisibility": "hide",
"yAxisTitleVisibility": "hide"
},
"dataSources": {
"primary": "episodesBySeveritySearch"
}
},
"noiseReduction": {
"title": "Total Noise Reduction",
"type": "splunk.singlevalue",
"options": {
"backgroundColor": "> majorValue | rangeValue(backgroundColorThresholds)",
"numberPrecision": 2,
"sparklineDisplay": "off",
"trendDisplay": "off",
"trendValue": 0,
"unit": "%"
},
"context": {
"backgroundColorThresholds": [
{
"from": 95,
"value": "#65a637"
},
{
"from": 90,
"to": 95,
"value": "#6db7c6"
},
{
"from": 87,
"to": 90,
"value": "#f7bc38"
},
{
"from": 85,
"to": 87,
"value": "#f58f39"
},
{
"to": 85,
"value": "#d93f3c"
}
]
},
"dataSources": {
"primary": "noiseReductionSearch"
}
},
"percentAck": {
"title": "Episodes Acknowledged",
"type": "splunk.singlevalue",
"options": {
"backgroundColor": "#ffffff",
"numberPrecision": 2,
"sparklineDisplay": "off",
"trendDisplay": "off",
"trendValue": 0,
"unit": "%"
},
"dataSources": {
"primary": "percentAckSearch"
}
},
"mtta": {
"title": "Mean Time to Acknowledged",
"type": "splunk.singlevalue",
"options": {
"backgroundColor": "#ffffff",
"sparklineDisplay": "off",
"trendDisplay": "off",
"trendValue": 0,
"unit": "minutes"
},
"dataSources": {
"primary": "mttaSearch"
}
}
},
"layout": {
"type": "grid",
"options": {
"display": "auto-scale",
"height": 240,
"width": 1440
},
"structure": [
{
"item": "vizQueryCounterSearch1",
"type": "block",
"position": {
"x": 0,
"y": 80,
"w": 288,
"h": 220
}
},
{
"item": "episodesBySeverity",
"type": "block",
"position": {
"x": 288,
"y": 80,
"w": 288,
"h": 220
}
},
{
"item": "noiseReduction",
"type": "block",
"position": {
"x": 576,
"y": 80,
"w": 288,
"h": 220
}
},
{
"item": "percentAck",
"type": "block",
"position": {
"x": 864,
"y": 80,
"w": 288,
"h": 220
}
},
{
"item": "mtta",
"type": "block",
"position": {
"x": 1152,
"y": 80,
"w": 288,
"h": 220
}
}
]
}
} I really appreciate your help, have a great day 🙂
... View more
Labels
- Labels:
-
configuration
-
other
-
using ITSI
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
10-01-2024
04:23 AM
|
