O'Reilly logo

Implementing Splunk - Second Edition by James D Miller, Vincent Bumgarner

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Using wizards to build dashboards

Since the goal of this chapter is understanding Splunk dashboards (and not the fundamentals of searching), we'll utilize several new simple search strings as well as some of the queries from previous chapters to illustrate certain points. So, let's start by making an operational dashboard for showing Forecast Events within our indexed data. The following is a simple search string to begin our exercise:

sourcetype="*" Forecast | timechart count as "Forecast Events" by date_month
Using wizards to build dashboards

In addition to our search string, I've selected Previous Year from the Splunk presets (see the preceding image).

This will produce a graph ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required