Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How do I create a form or dashboard that will allow me to choose a date range?

jambajuice
Communicator
‎06-21-2010 06:51 PM

We need to create multiple reports each month for SOX compliance. The search looks like the following:

server01 EventCode="560" Client_Domain="JAMBA" "FY10 Reports" Object_Name!="*.tmp" Object_Name="\.*" Client_User_Name!="*$" Client_User_Name!="!*" | stats count(TimeWritten) as TimesAccessed by Object_Name Client_User_Name Accesses | outputcsv October_AuditGroup8.csv

There are about 20 of these searches that we need to run. I'd like to create a dashboard that will let us choose the start and end date for the search and then run all 20 of the searches, preferably in the background.

Can somebody point me to the documentation that will show me how to do this?

Thx.

Craig

Tags (1)
0 Karma
Reply

erydberg
Splunk Employee
Splunk Employee
‎06-21-2010 07:51 PM

You can do that by building an advanced xml dashboard and add a time range picker around your searches:

http://www.splunk.com/base/Documentation/latest/Developer/AdvancedFormSearch http://www.splunk.com/base/Documentation/latest/Developer/ModuleReference#TimeRangePicker

Reply
Get Updates on the Splunk Community!

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...

Adoption of Infrastructure Monitoring at Splunk

  Splunk's Growth Engineering team showcases one of their first Splunk product adoption-Splunk Infrastructure ...