img img
Practice Exams:
View All
  • Home
  • SPLK-1002 Splunk Core Certified Power User – Splunk Inbuilt & Advanced Visualizations

SPLK-1002 Splunk Core Certified Power User – Splunk Inbuilt & Advanced Visualizations

  1. Editing Dashboard Using Source

We have seen how to add this multiple panels into our dashboard by various methods like using search bar and also using panel created by Dashboard Edit. Now you can also edit panel by editing the source. When I say source, the dashboard source is always an xml file. If you want to view the source source or how splunk is able to interpret this panels and the reports, dashboards and stuff, you can go here. Click on edit. As you can see, make sure that there is a ui and source option. If you click on Source, you’ll be able to see the complete xml rendering of your dashboard which holds the complete information of which panel and what is the colors that have been used and what is the scale that have been used to display the results.

Whether it’s linear scale or logarithmic scale, much more information that is available on the ui. It has more granular information on the source level, so it even contains you a query, title, description, almost whatever the information that is required to render the dashboard as a visualization, this is more important. And also you can copy a panel here and you can add new panel based on this panel tag. And each panel will have title for all this dashboard. The parent tag is the dashboard followed by the row. In first row we see there are three panels.

So all these three panels are inside this row element. Similar way, if you are familiar with xml, each tag represents specific information that is holding for this ui to be presented. There is one more way similar to editing configuration file. We can change the visualization of the dashboard using your source. So just to be aware, have a look into your xml files of the created dashboard.

You’ll be able to understand in much detail what all options are required for creating a visualization in splunk, including panels, rows and column elements. We have created this dashboard. Let’s say I need to export this as a pdf. If you want to export a dashboard, click on this link export in scheduling and exporting. The both options are only available for pdf. The print option will directly give you like the page printout the complete page of your visualization screen. In splunk you can print the same. If you go to export pdf, we’ll first look at export pdf. In export pdf it generates a pdf in your browser which you can download once the pdf has been generated. Our pdf has been downloaded here, let me open it up.

So as you can see, the pdf viewing part is one of the difficult part in splunk, where the actual visualization you look in splunk here is different, but when you export it, as you can see, each panel has been broken down into single elements. This is how you export it as a pdf and probably from here on you can send it via email or any other means to the people whom you are willing to share this dashboard. One more way is to schedule it as a pdf delivery. Let’s say we need this report like every month, first day of the month, early morning, as soon as I visit the office. So we schedule it to run every month on the first day of the month around 09:00 in the morning, we enter the email and if you want cc and BC copies, make sure you mention them.

You can leave probably all this default. It will pick it up from this information that is demo and demonstration. Dashboard Description whatever the description you mentioned here, it will be pulled into your email subject and message description here. When you choose the paper size, you can set the paper size to a four letter or any other paper size you wish and you will get a chance to preview the pdf.

So once you click on Preview the pdf, it will generate temporarily a pdf file to show the formatting of the selected A four or other paper sizes in order to see how your results have been placed. As you can see, this is the A four version of your dashboard. Similarly, if I choose Letter and Preview the pdf, you’ll get a letter size preview of your dashboard and you can send a test mail to verify whether everything is working fine.

So these are two options and then go ahead and click on Save so that once on every month, first day of your beginning of the month around 09:00, this dashboard will be delivered to your email. So these are some of the dashboard functionalities that you will be doing as per your day to day activities. In our next tutorials, we’ll be seeing how to enhance this dashboard. This is a plain and simple dashboard which should look good as of now, but as we see further, we’ll be able to create much interactive dashboards which will add great value.

  1. Dashboard Filters: Time Range

We have created this dashboard as part of our previous tutorials. Now let us see how we can enhance this dashboard by creating additional filters and drill down options of this dashboard. The components or the configuration that we will be going through. In this module is created editing filters and how to edit filters using xml Editing and how the Token usage that is passing of arguments from your form to your dashboard panels, how this beam working in splunk and how to pass this values from your text field or drop down or even your submit button into your panels by using tokens. So we’ll be creating a couple of filters that are time based text box.

That is you can enter whatever the text you need and the dashboard will filter the results based on this text box. Similarly a drop down and a checkbox. We’ll see how we can do this in our lab exercise. As part of our lab exercise, we’ll be using the same dashboard that we have created earlier. Now let us say this dashboard looks fine, but every time I reload this, as we can see it loads for only last 30 days. All the panels have different times.

So I need to make sure all these dashboards are reflecting same time frame or specifically different time frame. Let us see how we can do that. Our first filter will be adding a Time filter. To add a time filter, click on Edit. As you can see there is an Add input. Right next to add panel. I’ll click on Add input. There is a time option. Choose it. So here there is an edit feature with a pencil or a pen indication. I’ll click on that, I’ll give it a label stating Select Time. As you can see, I’ve edited a label just like a display for a panel which says Select Time.

There is an option which to choose Search on Change. If we choose this, as soon as we edit this time frame, the dashboard automatically reloads. So we’ll uncheck this as of now and I’ll give a token value called as Time. This token is nothing but a variable that holds this information. By default. I’ll keep it for last 30 days. So this is the default value that whenever a dashboard loads, it will run for last 30 days. Click on Apply and let me add a submit button.

So that indicating we have selected the field that we require. And once you click Submit, the dashboard reloads. There is no need for submit. If we choose Search on Change that says whenever this input has been changed or this variable has been changed, the dashboard should automatically reload. But for now we’ll keep this unchecked and we’ll add our submit button to indicate our finalized selection. Let me click on save. So I’ve added an input.

But even though after I change the time, I’m not seeing any of the dashboard refreshing. Even after clicking there is no dashboard refresh happening because we have just added an input here. But we are not passing these values into the panels. In order to pass those panels, go to Edit Mode. Again, you have this search icon here. Select this. As you can see here, it says Time Range Picker. So this option, we will select it to share Time picker and our token name.

That is small caps time. So we’ll choose this. Click on apply. As you can see, for now, it didn’t find any results. Let us change it for last 30 days. Submit as you can see, the dashboard automatically reloads as soon as we click submit. Every time we change a value in the time field, it automatically reloads our panel. Let me do the same thing for other panels.

 

Related posts:

  1. 5 Reasons to Make PowerShell Your First Programming Language
  2. 5 Useful Tips: How to Conquer IT Job Search in This Digital Age?
  3. Advantages Of Being A Certified Specialist In IT
  4. Basic CompTIA Certifications for you
  5. Boost Your Career With Cisco Certifications (Part 1)
  6. Job Opportunities For MCSE Certification
  7. Recruiter Tips for Candidates Aspiring for Software Development Position
  8. SY0-501 Section 2.9 given a scenario; select the appropriate control to meet the goals of security.
  9. Top 5 Security Skills You Should Have as a Сloud App Developer
  10. What Benefits Can You Bring to Your Company with New Cisco Certification Program?

Popular posts

Top Vendors On The IT Certification Market

Top 5 Agile Certifications You Should Pursue in 2020

Case Study Hillary’s HillRaisers raising cash for Obama inauguration

SY0-501 Section 1.1- Implement security configuration parameters on network devices and other technologies.

Your Best Career Path With EC-Council Certification

Job Opportunities For MCSE Certification

Reasons To Get Microsoft MCSA Certification

SY0-501 Section 3.2- Summarize various types of attacks.

SY0-501 Section 6.2- Given a scenario, use appropriate cryptographic methods.

What Should You Know About New Amazon AWS Certified Database – Specialty Exam?

Recent Posts

img