Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Using app dashboards from another app

shocko
Contributor
‎09-30-2024 07:30 AM

I'm using Splunk Enterprise 9.2.1 on Windows. On my search head a have a bunch of apps (40+) laid out as follows:

 

  • /etc/apps/myapp1
  • /etc/apps/myapp2
  • /etc/apps/myapp3

 

Etc. Each app has of course it's own dashboards defined etc. Now i'd like to group all these dashboards under one app and create a menu system for them. 

Now I control each app under GIT and can deploy them using a Devops cycle. What I would like to do is create this new app but simply reference the dashboards that reside in the other apps in this new app so that I keep my source/version control.

is this possible or would I simlpy have to copy all the dashaboards/views into this new app?

Labels (2)
Labels
0 Karma
Reply

sainag_splunk
Splunk Employee
Splunk Employee
‎09-30-2024 08:01 AM

Hello, I understand the situation of managing multiple apps. Personally, I'm not a fan of merging or combining all apps together, as you may end up with merging conflicts and broken apps if not done correctly. This process needs to be handled very carefully.

It's not just the Apps directory we need to consider; we should also look into the users directory for private knowledge objects. If your goal is simply to put these apps in a code repository, you can dump the entire apps directory (excluding default apps) and the users directory from the search head and save it.

If you believe there is no content in these apps, try to validate and consolidate packages as needed. It's better to start with the UI.

Regarding your specific situation with Splunk Enterprise 9.2.1 on Windows and multiple apps:

  1. Creating a new app that references dashboards from other apps is possible, but it has some limitations.
  2. You can use the <dashboard ref="..."> tag in your new app to reference dashboards from other apps. For example:
    xml
    <dashboard ref="/servicesNS/nobody/myapp1/data/ui/views/dashboard1"> </dashboard>
    This approach allows you to maintain your existing app structure and version control while creating a centralized menu system.
  3. However, be aware that this method:
    • Requires careful management of permissions across apps
    • May not work seamlessly with all types of dashboards (especially those with complex dependencies)
    • Could potentially break if the original apps are uninstalled or significantly modified
  4. An alternative approach could be to use a navigation app that doesn't actually contain the dashboards but provides links to them in their original locations. This would allow you to maintain your current structure while providing a unified entry point.
  5. If you decide to copy dashboards into the new app, consider using symbolic links or a build process in your DevOps cycle to maintain a single source of truth.

Remember to thoroughly test any changes in a non-production environment first. Each approach has its pros and cons, so choose the one that best fits your specific needs and infrastructure.


please upvote if you find this answer useful

 



Thanks

Reply
Get Updates on the Splunk Community!

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL  The Splunk AI Assistant for SPL ...

Buttercup Games: Further Dashboarding Techniques (Part 5)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...

Customers Increasingly Choose Splunk for Observability

For the second year in a row, Splunk was recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for ...