Nice video. This helped me create my first production dashboard! Honestly, this was better than the Splunk documentation. A more real world example that I could adapt to my needs. Thanks for the Github. Saved me a lot of typing. 🙂
Great videos you have. I've searched "countless" videos and information before for a long time. Yours are straight to the point and VERY helpful. Have a question: How would you add another interactive dashboard the pops up on the same dashboard?
Hi sir,I found it extremely helpful, can u please share that movie dataset u had used and other datasets used in playlist for both dashboard classic and dashboard studio
Hi Sathya, Thanks. Regarding the input source you can checkout my other video th-cam.com/video/JshI6JT60Rs/w-d-xo.html. Please note that there was a small issue with the script in video description I have given the github link for correct code. Please have a look.
Hi Siddhartha, I am looking to deploy (GET/POST/DEL) Dashboards with REST API, is that something we can do with Splunk API? I was not able to get a proper example over splunk or internet search, can you please help me with it?
Hi Sid, Happy New Year! Hope you are doing good. Really informational videos I see on your channel. Will it be possible for you to demonstrate features like show/Hide panels within a Splunk dashboard by user's choice.
Hello, the video is very useful and informative!! I was trying to create a dashboard with multiple dropdown inputs... while I was trying to pass the token with $$ unfortunately it's not getting refreshed and no data error showing in all the panels I can able to do with only one token. Will you please suggest or guide me on this?
Hi, I was working with Macros. In one of the prebuild dashboard there is a macro and it is defenition contain a special word - $monthSpl$ . What is this Monthspl and how can i see this in splunk.
$monthSpl$ is the input parameter of the macro. In your query where you are calling this macro you should have passed some values to it, that would be captured as $monthSpl$
Thank you so much for sharing your knowledge. It is very clear and informative. Can you please do a video on sending Syslog data to splunk . Thank you Wondwossen
Thanks Archit..regarding your question you mean drilling down from one page to another? you can pass the token as query parameter to the next page. I will try to create a video for this.
@@splunk_ml Hi Sid,I mean, If a user choses a set of filters on one dashboard,they should remain intact once the user move on to next dashboard ,so that same set of steps(of choosing filter) need not to be done again.
Quick question here: If I only give index= "myindex" | fields * in base search query of dashboard and then I use that base search query for other panels, Is it a good idea to optimize dashboard loading time or not?
Its always good to use only those fields which you need for your panels. field * will also include _raw field as well ...so if the serach output is huge it will eat up the user disk quota.
Hello Sir, I need your help with below scenario:- I need two input panels: dropdown and textbox, such that the dropdown gives a list of macros, and when we select one of the option, it's corresponding macro definition gets loaded in the textbox. So far, I have been able to create a dropdown which invokes each macro by selecting one of the option. Thank you.
You can use the below rest command to list all the macros, (in dropdown) | rest splunk_server=local /servicesNS/-/-/admin/macros | table title, args, eai:acl.app, definition Then use the below rest command to display the definition of each macro, | rest splunk_server=local /servicesNS/-/-/configs/conf-macros You need to pass the token from your dropdown to the second search
Hi sid, Will you help me here.I have to run each pannels individually based on selecting the particular pannel using radio buttons but the condition here is have to use only one input field for all pannels.
Hi Raghu, What you need to do is create a radio group and for each radio the value you can set is the panel level search. Then use the raido group token in your panel.
@@splunk_ml hey Sid thank you,This is working but now I encountered another problem as the input is taking from radio button search starts running automatically and populating pannel.Can you suggest me how to avoid this,I have to run search after clicking submit button.
Hi Raghu, In that radio group change tag you can set token based on value selected in the radio and use that token in your panel level search, this will force the panel level search to wait for the token to set.
Hi Sir!!! Awesome content. Now I got a better idea of streamstats. One kind request can you please create the same way for eventstats. I am not getting how to work with it. It would be really helpful
Actually there is not much to talk about eventstats, although I created two videos which may be helpful, th-cam.com/video/VbdewD-JBr0/w-d-xo.html th-cam.com/video/oD2PIjtLv74/w-d-xo.html
Hi Sir Can you please let me know by default all your reports taking "All Time" to produce the results? Since you are not using any time picker and no earliest and latest values are mentioned so from where these reports know for what duration they should find the data. Can you please elaborate on it? Thanks in advance
Hi, The main intension behind this video was to show different filters, that why I didn't used timepicker. I have created separate video for timepicker.
Quick question, I'm using rex in base search along with named groups which is giving me error "Unexpected close tag" How can I escape named group tags in source?
@@splunk_ml Tq, it's working but values are not populating only showing All, when i type in search head it is showing results not sure where I'm missing
Well I mainly work in splunk as a technology, thats why trying to share my knowledge. If anyday I get enough knowledge in tableau, Power BI I will definitely cover them.
Nice video. This helped me create my first production dashboard! Honestly, this was better than the Splunk documentation. A more real world example that I could adapt to my needs. Thanks for the Github. Saved me a lot of typing. 🙂
Excellent job making these videos. You're doing people in the growing Splunk community a great service.
True i created my dashboard and presented to client with this video's help..Thanks alot
great video! Love to see the splunk community growing on youtube!
Very well done, easy to follow. I like the errors you included, it makes the video very personal. Thank you
Thanks mate
Great videos you have. I've searched "countless" videos and information before for a long time. Yours are straight to the point and VERY helpful. Have a question: How would you add another interactive dashboard the pops up on the same dashboard?
Thank you! Base Search is what I needed to make all this work.
Execellent Job you have done brother...thanks a lot for sharing this ..
Very clear explanation and easy to understand the concepts. Appreciate your effort😊👍
Thanks Mani :)
Super helpful. Step by step guidance
No words!! Nicely explained!! Awesome job!!
Thanks for making such a awsome videos bro❤
Great video, hope you can remake this and zoom on the coding so it would be more convenient to view the coding/syntax 🤓
Cristal clear... Nicely explained.. Thanks
thank you for making these videos, please keep making them :)
Thx Jimmy..:)
Thank for the video sir, could you please make a video on the interview questions and answers, with examples.
great video, good to understand, made my first dashboard with this
Hi sir,I found it extremely helpful, can u please share that movie dataset u had used and other datasets used in playlist for both dashboard classic and dashboard studio
Hi Sir
Awesome Explanation Learning a lot !!! What type of input source you are using in this vedio...How to index the input source
Hi Sathya,
Thanks. Regarding the input source you can checkout my other video th-cam.com/video/JshI6JT60Rs/w-d-xo.html. Please note that there was a small issue with the script in video description I have given the github link for correct code. Please have a look.
where is the previous video? Can you pls share the link. I want to watch the first video mentioned here.
Excellent one. Thanks for sharing
how did you add those logs and where we have to take those logs
Thank you for this. It was very helpful.
Can we create multi app dashboard in splunk, multiple apps in one graph or pie chart
Hi Siddhartha, I am looking to deploy (GET/POST/DEL) Dashboards with REST API, is that something we can do with Splunk API? I was not able to get a proper example over splunk or internet search, can you please help me with it?
Hi Sid, Happy New Year! Hope you are doing good.
Really informational videos I see on your channel.
Will it be possible for you to demonstrate features like show/Hide panels within a Splunk dashboard by user's choice.
Happy New Year Archit. For your requirement please find the below video I created before,
th-cam.com/video/XLOWYswYZAs/w-d-xo.html
Very Helpful ..thanks a lot 😊
Thank you very much sid sir....
Hello, the video is very useful and informative!! I was trying to create a dashboard with multiple dropdown inputs... while I was trying to pass the token with $$ unfortunately it's not getting refreshed and no data error showing in all the panels I can able to do with only one token. Will you please suggest or guide me on this?
Hi, I was working with Macros. In one of the prebuild dashboard there is a macro and it is defenition contain a special word - $monthSpl$ . What is this Monthspl and how can i see this in splunk.
$monthSpl$ is the input parameter of the macro. In your query where you are calling this macro you should have passed some values to it, that would be captured as $monthSpl$
Hey Question, wouldn't have been easier to just use a regular expression to extract the year?
yeah we can do that too. Even we can keep this year extraction in props as well so that we dont need to explicitly extract in our query.
Great job, thank you very much 👍
Thank you so much for sharing your knowledge. It is very clear and informative. Can you please do a video on sending Syslog data to splunk .
Thank you
Wondwossen
Thank you.. can we display 0 for the search with no events..
Excellent video! I have a Dashboard that will be updated tomorrow.
Thanks Kevin 👍
Great Video, Sid, Will it be possible for you to do a video on how to preserve top filters when moving from one dashboard to another ?
Thanks Archit..regarding your question you mean drilling down from one page to another? you can pass the token as query parameter to the next page. I will try to create a video for this.
@@splunk_ml Hi Sid,I mean, If a user choses a set of filters on one dashboard,they should remain intact once the user move on to next dashboard ,so that same set of steps(of choosing filter) need not to be done again.
Great Video on Dashboards, one clarification - how to get the counts on year-wise language-wise, genre-wise ?
You can use stats command to achieve that.
Hi bro... Where to refer the syntaxes for building queries?
Very nice session
Thank you 😊
Fantastic tutorial. Thank you.
how did you get those logs? If you have the file, can you please share it?
Thanks,
Quick question here:
If I only give
index= "myindex" | fields *
in base search query of dashboard and then I use that base search query for other panels, Is it a good idea to optimize dashboard loading time or not?
Its always good to use only those fields which you need for your panels. field * will also include _raw field as well ...so if the serach output is huge it will eat up the user disk quota.
Hello Sir,
I need your help with below scenario:-
I need two input panels: dropdown and textbox, such that the dropdown gives a list of macros, and when we select one of the option, it's corresponding macro definition gets loaded in the textbox.
So far, I have been able to create a dropdown which invokes each macro by selecting one of the option.
Thank you.
You can use the below rest command to list all the macros, (in dropdown)
| rest splunk_server=local /servicesNS/-/-/admin/macros
| table title, args, eai:acl.app, definition
Then use the below rest command to display the definition of each macro,
| rest splunk_server=local /servicesNS/-/-/configs/conf-macros
You need to pass the token from your dropdown to the second search
@@splunk_ml Thank you Sir.
Nice explanation .....
Hi sid,
Will you help me here.I have to run each pannels individually based on selecting the particular pannel using radio buttons but the condition here is have to use only one input field for all pannels.
Hi Raghu,
What you need to do is create a radio group and for each radio the value you can set is the panel level search. Then use the raido group token in your panel.
@@splunk_ml hey Sid thank you,This is working but now I encountered another problem as the input is taking from radio button search starts running automatically and populating pannel.Can you suggest me how to avoid this,I have to run search after clicking submit button.
Hi Raghu,
In that radio group change tag you can set token based on value selected in the radio and use that token in your panel level search, this will force the panel level search to wait for the token to set.
@@splunk_ml Thanks Sid,This is working fine now.
in your video playlist of splunk if I have to learn splunk from where I have to watch your video
Excellent how to get logs in json format
After you create a tag, say , what key are you pressing to automatically get the end tag: ?
no key is required.. splunk automatically doing that when you press ">"
Hi Sir!!!
Awesome content. Now I got a better idea of streamstats. One kind request can you please create the same way for eventstats. I am not getting how to work with it. It would be really helpful
Actually there is not much to talk about eventstats, although I created two videos which may be helpful,
th-cam.com/video/VbdewD-JBr0/w-d-xo.html
th-cam.com/video/oD2PIjtLv74/w-d-xo.html
@@splunk_ml thanks sir!!!
Hi Sir
Can you please let me know by default all your reports taking "All Time" to produce the results?
Since you are not using any time picker and no earliest and latest values are mentioned so from where these reports know for what duration they should find the data.
Can you please elaborate on it?
Thanks in advance
Hi,
The main intension behind this video was to show different filters, that why I didn't used timepicker. I have created separate video for timepicker.
I prefer the GUI interface for dashboards, its fine, but more time consuming to craete dashboards.
Super Cool. Thanks.
Excellent.... Thanks
Quick question, I'm using rex in base search along with named groups which is giving me error "Unexpected close tag"
How can I escape named group tags in source?
Replace less that with < and greater than with >
@@splunk_ml does it maintain its default behaviour? I mean it capture groups ? Thank you for quick reply
It should... Internally splunk will replace it with .
@@splunk_ml Tq, it's working but values are not populating only showing All, when i type in search head it is showing results not sure where I'm missing
Will it be possible for you to send me the code example? I will take a look
Excellent Job
Very useful video.
Why Splunk and not tableau, power bi, or QlikView?
Well I mainly work in splunk as a technology, thats why trying to share my knowledge. If anyday I get enough knowledge in tableau, Power BI I will definitely cover them.
fantastic explanation!!
4:47 - 04:52 - what was that ?
Hi Sid!! My base search is not working can you by any chance help me out
Can you please tell me what issue you are facing?
Can you please create a new video for tmdb getting data in?
Very helpful
Awesome, very helpful
Sir, can you make video on workflow actions in splunk? please
Yes.. Its in my todo. I will cover it soon.
Great content, Thanks a lot.
where can i get the data files from ?
Please check this video,
th-cam.com/video/JshI6JT60Rs/w-d-xo.html
Good Stuff
Excellent, Thank you
I dont find the app nor the logs only the code=0(
Hi Carolina,
To get the log please follow the below video where I discussed the scripted input.
th-cam.com/video/JshI6JT60Rs/w-d-xo.html
Can you provide me logs for above dashboard
You will find the github link in video description.
Hi Sir,can you share the dump file for this logs please,it will help me to practise more precisely,thank you
I am really sorry Manoj I lost the back up for the older videos :(
Thank you❤
Great work. I'm interested in the raw xml of this dashboard can you please email a copy to your newest member? Regards Val.
Thank you. In the video description you will get the github link. From there you can download the xml
just impeccable...
Awesome
absolutely awesome .
Good vedio
:)
Great ! Can you please explain How to set alerts as per Business transaction ?
Thanks...I created lots of contents regarding splunk alerts..you can find them in splunk development playlist.
@@splunk_ml that's great ! Can you please share links as well ...
You can start from here
th-cam.com/video/fXrva45eYFk/w-d-xo.html
And follow the playlist.
Ending every sentence with "okay" really made this hard for me to follow
i really wish i could understand what you are saying.
this is far more complicated than just using power bi or tableau for reporting...
Hi sir
I did the same submit button true and whenchanged false but still on clicking submit btn dashboard is not refreshed...plz suggest