Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to create a dashboard for servers with a status Green/Red (Up or Down)

Uday
Explorer
‎09-01-2020 01:49 PM

Hi, I got a new requirement to build a dashboard showing server status (Up/Down). Unfortunately our logs does n't indicate any such status like server started or server down. Any suggestions please? Any examples that I can see?

Labels (1)
Labels
0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎09-01-2020 11:47 PM

Hi @Uday,

this is a new question and it's better to create a new one.

Anyway, you can see in Dashboard Examples (https://splunkbase.splunk.com/app/1603/) in the "Table Icon Set (Rangemap)" dashboard how to display status using an icon instead a value.

Is solves adding to your app a css and a js that are called by the dashboard

<form script="table_icons_rangemap.js" stylesheet="table_decorations.css">

then at your table is assigna an id:

 <table id="table1">

Remember to restart Splunk after you added css and js to the app and reload the page at every change in the dashboard otherwise you don't see the icons.

 

About the problem that you haven't a status field, you can create it using eval or (better) rangemap command, something like this:

e.g. to find hosts (listed in a lookup) that aren't sending logs:

| metasearch index=_internal
| eval host=lower(host)
| stats count BY host
| append [ | inputlookup systems.csv | eval host=lower(host), count=0 | fields host count ]
| stats sum(count) AS total BY host
| rangemap field=total severe=0-0 low=1-1000000000 default=severe

in this way the added javascript takes the value from rangemap and assign an icon.

 

Ciao.

Giuseppe

0 Karma
Reply

Uday
Explorer
‎09-01-2020 01:58 PM

Thanks for your reply. Is it possible to provide me the query to search  logs for any data at all from the servers in the last x minutes? I will try this solution.

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎09-01-2020 01:53 PM

You could create a Python script that probes each server and sends an up/down indication to Splunk.

It may be easier, however, to search your logs for any data at all from the servers in the last x minutes.  If data is present then the server is up; otherwise, consider it down.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

Uday
Explorer
‎09-01-2020 06:11 PM

Thanks for your reply. Is it possible to provide me the query to search  logs for any data at all from the servers in the last x minutes? I will try this solution.

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Get the T-shirt to Prove You Survived Splunk University Bootcamp

As if Splunk University, in Las Vegas, in-person, with three days of bootcamps and labs weren’t enough, now ...

Wondering How to Build Resiliency in the Cloud?

IT leaders are choosing Splunk Cloud as an ideal cloud transformation platform to drive business resilience,  ...