SPLK-1002 Splunk Core Certified Power User – Splunk Inbuilt & Advanced Visualizations Part 5

Rest of the Default Visualizations in Splunk

Go back to select Visualization next to your search icon and choose Filler Gauge. As you can see, we have a limit which was set as part of our radial gauge from zero to 400. So it is up to in our appreciable range of blue. We can change the colors in a similar fashion, where you can choose Format Visualization color ranges and choose whichever colors you would like. This should be able to give you a filter range in case…

SPLK-1002 Splunk Core Certified Power User – Splunk Inbuilt & Advanced Visualizations Part 4

What is a Splunk Workflow?

We have learned more about drill-down features in the dashboard, using which you should be able to create some wonderful use cases for narrowing down with the Splunk drill-down features into multiple dashboards or the same dashboard. Now let us see how we can add more value to Splunk by creating a workflow. Imagine what is the first step you do when you find some weird IP address or some string in your logs. What is the first thing that…

SPLK-1002 Splunk Core Certified Power User – Splunk Inbuilt & Advanced Visualizations Part 3

Dashboard Drill-down Example

In this module we will be seeing more about the drill-down features and how we can enhance the dashboards that we have created as part of our previous modules to narrow down the events which are generated by these IP addresses or the host names or any criteria which we use to drill down. Or we can say something as narrowing down the cause of the issue. We’ll see how Splunk dashboards can be enhanced so that without writing additional search queries, it can…

SPLK-1002 Splunk Core Certified Power User – Splunk Inbuilt & Advanced Visualizations Part 2

Dashboard Filters: Text Box

Edit search option. Time Range picker is our shared token that we have just created. So you can make this. This is one way to edit the input. The second way is you can go to Source, where you can see there is a tag added: earliest, Time.earliest and Time.latest, which represents your token value Time that has been defined here. That is last 30 days by default, and the token name is Time. So this token is getting passed in…

SPLK-1002 Splunk Core Certified Power User – Splunk Inbuilt & Advanced Visualizations

Editing Dashboard Using Source

We have seen how to add multiple panels into our dashboard by various methods, like using the search bar and also using a panel created by Dashboard Edit. Now you can also edit a panel by editing the source. When I say source, the dashboard source is always an XML file. If you want to view the source, or how Splunk is able to interpret these panels and the reports, dashboards and stuff, you can go here. Click on Edit. As you can see, make sure that…

SPLK-1002 Splunk Core Certified Power User – Splunk Apps And Add-On’s Part 4

Creating your Own Splunk App Via Splunk Web

Now we have learned how to create apps using your Linux CLI or the Splunk backend console. Now let us see how we can create our own apps using Splunk Web. That is your searcher, where you can create your apps on the fly using your web console. For that, click on Apps Management. That is the settings icon next to your apps, which will take you to the installation of app screen where we have installed add-ons and other applications as…

SPLK-1002 Splunk Core Certified Power User – Splunk Apps And Add-On’s Part 3

Creating your Own Splunk App

Now we have learned managing apps and add-ons in Splunk, that is installing, deleting and disabling add-ons and apps on your Splunk instance. Now, how can we create our own apps in Splunk? That is, we’ll be learning more about how to create our own apps for your internal teams or your work on some new technology, new logic that seems to have more value so that you are willing to share this with other community people. You can package this as an app…

SPLK-1002 Splunk Core Certified Power User – Splunk Apps And Add-On’s Part 2

Installing Splunk Add-on From Splunk CLI

So in our previous video we have successfully installed our Microsoft Windows technology add-on on our searcher and we made it visible. Now let us see in the back end what all the files are created and how the architecture of these directories is present. So let us go to our searcher. This is our searcher. I’ll go to etc. That is Splunk home first. This is Splunk home etc apps. This will be the directory all the add-ons and apps that…

SPLK-1002 Splunk Core Certified Power User – Splunk Apps And Add-On’s

What is an Add-on?

Hi, welcome to this video. In this video you’ll be understanding more about what add-ons are and how to install them. And also throughout this course we’ll be learning how to install add-ons, how to install an application on Splunk, how to download this application, how to create your own application, how to submit your newly created application to the Splunk portal and get it Splunk verified. Similarly, we’ll be seeing how to customize your application based on views, based on dashboards, or…

SPLK-1002 Splunk Core Certified Power User – Splunk Advanced Concepts Part 2

Splunk CLI: BTOOL Usage

The next command, which is one of the most important in Splunk, is btool. Using btool, you can list almost any configuration in the Splunk instance. Let us go through some of the examples. To invoke btool, go to your Splunk home directory bin Splunk. You need to follow up with the command that is cmd. After cmd, we’ll name the utility, that is our btool. So this is a Splunk command, btool, which is used for listing configuration and verifying this information…
