Basic dashboards

adetheodore
Loves-to-Learn Lots

Hello guys... We need some help, as always. We are a bunch of noobs in Splunk and we want to create some basic dashboards about local performance, such as disk, CPU, memory... and dashboards about a few of the most important event logs in Windows. Any idea how to start? I've been reading docs, forums, etc., but it looks like, since it is too basic, no one talks about it lol. Hope you can give me a hand. We are using Splunk Enterprise on a local W10 machine just to get our hands dirty and learn the basics, as you can see.

Thank you again and happy halloween!

0 Karma

nhaq
Splunk Employee

Hi @adetheodore,

Although this may not assist necessarily in the query-writing aspect of your question, we do provide some example dashboards with the product for Splunk Enterprise 8.2 and higher, in the Examples Hub, which you can find by going to the Dashboard listing page in Search and Reporting and clicking the link at the top. This is a collection of example dashboards for various use cases if you need help in terms of design, organization, and messaging for the dashboard. If you use one of these examples you can likely replace the searches with the correct ones necessary for your use case. Hopefully this can help in some aspects of your situation.

0 Karma

vhharanpositka
Path Finder

Hi @adetheodore 

In Splunk Enterprise, you can use the "Splunk App for Infrastructure" for Windows Monitoring. 

APP URL: https://splunkbase.splunk.com/app/3975/

Installation Reference: https://docs.splunk.com/Documentation/InfraApp/2.2.4/Install/Install


If you are monitoring the local machine, then the "Monitoring Console" will provide the necessary details about the local machine metrics.

Reference: https://docs.splunk.com/Documentation/SplunkCloud/8.2.2109/Data/MonitorWindowsperformance#Enable_loc...

Thanks

0 Karma

adetheodore
Loves-to-Learn Lots

Hello!

The thing is that we're trying to display some dashboards about performance and logs but we don't know how to write a good query for that. We tried to use this app but with no luck.

0 Karma

SinghK
Builder

index = your index | table host, source, sourcetype, event_id, message, type the fields you need here

This will give you all the info; save this search as a dashboard for Windows event logs and that should do...

Metrics (CPU, mem, disk) is a totally different story and will need more info before a query can be written.

0 Karma
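A Simple XML dashboard covering the four things asked about in this thread (CPU, memory, disk, Windows event logs), as an added example that is not from any of the posters or from Splunk's Examples Hub. It assumes local perfmon inputs named CPU, Memory and LogicalDisk and WinEventLog inputs are already enabled and write events (not metrics) to the `main` index; the index name, stanza-derived sourcetypes, panel titles and time ranges are assumptions to adjust.

```xml
<dashboard version="1.1">
  <label>Local Windows host overview</label>
  <!-- Assumed inputs.conf stanzas: [perfmon://CPU], [perfmon://Memory], [perfmon://LogicalDisk],
       [WinEventLog://Security] etc., all with index = main. Sourcetype is "Perfmon:" + stanza name. -->
  <row>
    <panel>
      <title>CPU: % Processor Time (_Total)</title>
      <chart>
        <search>
          <query>index=main sourcetype="Perfmon:CPU" counter="% Processor Time" instance="_Total" | timechart span=1m avg(Value) AS cpu_pct</query>
          <earliest>-60m@m</earliest>
          <latest>now</latest>
        </search>
      </chart>
    </panel>
    <panel>
      <title>Memory: Available MBytes</title>
      <chart>
        <search>
          <query>index=main sourcetype="Perfmon:Memory" counter="Available MBytes" | timechart span=1m avg(Value) AS available_mb</query>
          <earliest>-60m@m</earliest>
          <latest>now</latest>
        </search>
      </chart>
    </panel>
  </row>
  <row>
    <panel>
      <title>Disk: latest % Free Space per volume</title>
      <table>
        <search>
          <query>index=main sourcetype="Perfmon:LogicalDisk" counter="% Free Space" instance!="_Total" | stats latest(Value) AS free_pct BY instance | sort free_pct</query>
          <earliest>-15m@m</earliest>
          <latest>now</latest>
        </search>
      </table>
    </panel>
    <panel>
      <title>Event logs: top event codes (24h)</title>
      <table>
        <search>
          <query>index=main source="WinEventLog:*" | stats count latest(_time) AS last_seen BY source, EventCode | convert ctime(last_seen) | sort - count | head 20</query>
          <earliest>-24h@h</earliest>
          <latest>now</latest>
        </search>
      </table>
    </panel>
  </row>
</dashboard>
```

If a panel stays empty, run its query in Search with `| stats count by sourcetype, counter` in place of the final commands to see which sourcetypes and counters the host is actually sending.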