Back to the Blog

Event Sampling - Splunk 6.4 Feature

Posted by Rupak Pandya on Tuesday, August 2, 2016 - 10:07 Operational Intelligence Big data, Splunk 6.4, Cool Tools, Dashboards, Reports, Event Sampling, Events, sample, Operational Intelligence
There have been countless instances when I was on a client site and tasked with building custom dashboards on large data sets, with a requirement to search over the past 3 months or greater. Each minor tweak or adjustment to the search would require me to run the entire search again, which on development systems would be a huge time sink. My life would have been so much easier, and I would have saved loads of time, if there was a way to run my searches against a smaller data set. Obviously, I could achieve this by, for example, running my searches against a shorter time frame but I would...
read more

Every Click You Make, Splunk is Watching You…

Posted by Neena Bhutiani on Thursday, March 12, 2015 - 14:18 Function1, Operational Intelligence Splunk, Operational Intelligence, Data Inputs, Dashboards

 

When I am at client sites I often get asked how they can get a better understanding of what is going on in their Splunk environment. A recent client wanted to understand what dashboards were being used the most in their environment and who were the top users. What a great thought! I knew that Splunk had to have a way to track this. It was just a matter of locating the data and then determining the best way to pull it. After going back and forth between metadata and the internal index, I came across this in Splunk’s internal index.

...
read more

Creating my first dashboard and adding interactivity: The magic of text boxes in Splunk 6.1* in Simple XML

Posted by Ashley Mitchell on Thursday, March 5, 2015 - 11:22 Operational Intelligence Splunk 6, Forms, Text box, Dashboards, Simple XML

Recently, I had the opportunity to work on the Web Analytics portion of an internal app development project. As a newb, I was eager to jump in, get started, enjoy the adventures and misadventures of Splunking, and put to use my newly developed Splunk skills obtained from weeks of training. I mean how could I fail? I had the right people, processes, and technologies supporting me to jump in and start the Splunk magic.

Moving forward, I jumped into action by reading tons of documentation, asking the typical newb questions and making the typical newb mistakes until somehow the first...

read more

Extending the Power of Pivot

Posted by Rupak Pandya on Thursday, October 16, 2014 - 15:01 Operational Intelligence Splunk 6, Splunk, data model, pivot, pivot editor, Dashboards, UI Customize

Data models were introduced with the release of Splunk 6 back in Oct of 2013. By now, Splunk users are aware of the pivot feature that allows them to build various types of reports that are fueled by data models without having to know the Splunk Search Processing Language (SPL). The Pivot Editor is a great way to build these reports, it allows users to simply point and click their way to creating reports/charts/graphs that provide great insight. This feature is great for users that only want to use the Pivot Editor to create their reports. However, you cannot add the Pivot Editor to a...

read more

Getting a Pulse on Your System: How to Build a System Health Indicator in Splunk

Posted by Anshu Rastogi on Friday, February 1, 2013 - 15:28 Operational Intelligence, Development Dashboards, query, search, singlevalue, Splunk

Welcome Splunkers!  I hope everyone is having a great New Year.  We certainly are, here at Function1.  We just publicly released a beta version of our Splunk for Oracle WebLogic Server app to Splunkbase  as mentioned in a recent post.  As part of the Splunk products team at Function1, I'm always looking at new ideas and approaches in Splunk app development.  As Splunk apps become more robust, they will...

read more

Using the Visualization Editor to Create a Dashboard in Splunk 4.3

Posted by Rupak Pandya on Thursday, April 5, 2012 - 16:09 Operational Intelligence, Cool Tools Analytics, Cool Tools, Dashboards, Simple XML, Splunk, UI, Visual, Visualization

Hello world!  This is my first blog post with Function1 and I hope you find it useful. This post will give you an idea of how simple it is to use the new Visualization Editor in Splunk 4.3 to create a dashboard. This neat new feature is great because it simplifies the dashboard and panel creation process by allowing any user to create a custom dashboard without having to write any XML code and/or book time and consult with the IT guy! Each Splunk user can create their very own custom dashboard with panels that can include a table, pie chart, line graph, or a variety of other options with...

read more

Splunk Dashboard Development and an Intro to SideView Utils

Posted by Anshu Rastogi on Friday, February 17, 2012 - 14:33 Operational Intelligence, Development Apps, Dashboards, Sideview, Splunk

(Image: Salvatore Vuono / FreeDigitalPhotos.net)

This is hopefully the first in a series of posts dealing with the joys of developing dashboards and apps in Splunk.  In this post, I’d like to highlight different development options and introduce SideView Utils.

The Case for Dashboards

Organizations use Splunk in a variety of ways.  Uses range from monitoring a specific application to gaining enterprise-wide insight into their operations.  Insight can be...

read more
Stay In Touch