Building forms

Forms allow you to make a template that needs one or more pieces of information supplied to run. You can build these directly using raw XML, but I find it simpler to build a simple dashboard and then modify the XML accordingly. The other option is to copy an example, like those found in the UI Examples app (see the UI Examples app section, earlier in this chapter). We will touch on a simple use case in the following section.

Creating a form from a dashboard

First, let's think of a use case. How about a form that tells us about errors for a particular user? Let's start with a report for a particular user, our friend mary:

sourcetype="impl_splunk_gen" error user="mary"
  | stats count by logger

Now let's create a simple dashboard using ...

Get Implementing Splunk: Big Data Reporting and Development for Operational Intelligence now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Implementing Splunk: Big Data Reporting and Development for Operational Intelligence by Vincent Bumgarner

Building forms

Creating a form from a dashboard

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly