2 #Introduction to A new way of building dashboard in Splunk 8.2!! – 24:10
3 #UI tour and discussion on base & chain search data source – 28:21
4 #Discussion on saved search data sources
5 #How to create mock data using ds.test datasource
6 #Discussion on single value icon visualization
7 #Discusiion on Single Value visualization with trend
8 #Discussion on Dynamic Options Syntax (DOS)
9 #Working with inputs and tokens - PART 1
10 #Working with inputs and tokens - PART 2
11 #Working with inputs and tokens - PART 3
12 #How to visualize geospatial data
13 #Discussion on table formatting
#Dashboard Notes:
Login Splunk – Apps – Manage – Splunk Dashboard Studio – click “Launch App”
To Create a Dashboard – Search > Dashboards > Create New Dashboard >
provide Title, description
Chooses
Classic Dashnboards
Dashboard Studio
Absolute or
Grid.
Choropleth svg images ???
Dashboar7d Studio Menus
Add Chart
Add Input
Dropdown
Multiselect
Text
Number
Time Range
Add Icon
Add Shape
Ellipse
Rectangle
Line
Add Image
Add Markdown Text
Configuration
Datasource
Source code
Help LInks
Dashboard
Canvas
Background image
Datasource
Ds.savedSearch
Ds.search
Ds.test
Ds.chain
#Introduction to A new way of building dashboard in Splunk 8.2!! – 24:10
Splunk Dashboard Studio is an APP
Very customizable
Types in Dashboard Studie > Grid Vs Absolute
Source code in json
Classic Dashboard
Classic Dashboards (Simple XML)
Simple XML with JS extension
HTML Dashboard (Not recommended, will be deprecated)
Source code in html
Go to the settings > find Splunk Dashboard Studio > Launch
Go to Search & Reporting – Go to Dashboard – create dashboard – this will show two options - Classic or Dashboard studio
Dashboard studio has two visualizations – Absolute or Grid
#UI tour and discussion on base & chain search data source – 28:21
Absolute layout choosen
Uploaded image in cavas stored in kvstore internally
#Discussion on saved search data sources
Added image in background of the Dashboard
Added visualization
Added Data – Base search - query and chain search query
We can see the Dashboard code (Json)
Data Overview
Seach
Base Search
Saved Search
Chain Search
Datastudio Source code is > JSON Parts are Visualizations, Datasources,Defaults (data source), inputs, layouts, (description ,Title are main keys,)
{
"visualizations": {},
"dataSources": {},
"defaults": {
"dataSources": {
"ds.search": {
"options": {
"queryParameters": {
"latest": "$global_time.latest$",
"earliest": "$global_time.earliest$"
}
}
}
}
},
"inputs": {
"input_global_trp": {
"type": "input.timerange",
"options": {
"token": "global_time",
"defaultValue": "-24h@h,now"
},
"title": "Global Time Range"
}
},
"layout": {
"type": "absolute",
"options": {
"width": 1440,
"height": 960,
"display": "auto"
},
"structure": [],
"globalInputs": [
"input_global_trp"
]
},
"description": "Tmp Poov",
"title": "TmpDashboard"
}
Datasource should have unique name “ds_xxxx”
Datasource types incode are : type : “ds.savedSearch” or ds.search or ds.chain
Ds.savedsearch for schnedule job
Ref for reference of the saved search to refer
??? what is app? How can we create?
Ds.savedSearch syntex
#How to create mock data using ds.test datasource
#Discussion on single value icon visualization
Data and images used in this video can be downloaded from the below repo, https://github.com/siddharthajuprod07...
Data also can be downloaded from Kaggle: https://www.kaggle.com/josephassaker/...
Image downloaded from https://pixabay.com/
Single value > icon or
#Discusiion on Single Value visualization with trend
Sparkline
Radial chart
Search query by using table
#Discussion on Dynamic Options Syntax (DOS)
https://docs.splunk.com/Documentation/SplunkCloud/9.1.2308/DashStudio/DashStudioDynOptions
Go to the code –
Formatting functions
Links provided
Docs syntexc - https://docs.splunk.com/Documentation/Splunk/8.2.3/DashStudio/dynamicOptionsSyntax
Selector and formatting functions: https://docs.splunk.com/Documentation/Splunk/8.2.3/DashStudio/selectorFormattingFuncts
Object options and defaults reference: https://docs.splunk.com/Documentation/Splunk/8.2.3/DashStudio/Comparison#Single_value
Code used in this video can be downloaded from the below repo, https://github.com/siddharthajuprod07/youtube/blob/master/DOS/dashboard_code.json
#Working with inputs and tokens - PART 1
Single visualization – country in drop down – based on the dropdown value the text, sparkline etc to be displayed
Add Input – choose Dropdown to hold country names
Dropdown configuration is Title, Token Name,
Develop search then attach with dropdown
Add data source in dropdown visualization
Program changed from country to generic
Submit button introduced.
Submit button gives wrong functionality – not good
#Working with inputs and tokens - PART 2
As Submit button has some flow removed
Multi - selection now
ClearDefaultOnSelection = true
Filter by where before time chart – it is good
#Working with inputs and tokens - PART 3
span in days – user can increase or decrease the time span in days
#How to visualize geospatial data
Create maps in dashboard studio
Csv file for vendor details from multiple countries
Details based on the vendor
Either Bubble or Marker to show locations in the map
#Discussion on table formatting
No comments:
Post a Comment