Splunk Search

Organizing "Searches and Reports" and "Views"

davidc
Engager

What's the best way to organize "Searches and Reports" and "Views"? I'm trying to figure out some type of structure before it's to late. Currently we have 20 - 30 of each and it's a pain selecting "Searches and Reports" and seeing ALL searches ditto for "Views".

I would like to create a service subfolder and add searches and reports that are associated to that service.

Is this possible? I'm running Splunk 4.1.6

Tags (1)

Paolo_Prigione
Builder

Yes it does. You can just nest the <collection> tags one into each other.

<collection label="Status">
    <collection label="Search activity">
      <view name="search_status" />
      <view name="search_detail_activity" />
      <view name="search_user_activity" />
      <view name="search_ui_activity" />
    </collection>
    <collection label="Index activity">
      <view name="index_status" />
....

stefanlasiewski
Contributor
0 Karma

davidc
Engager

NM. I figured it out.

Does Splunk 4.1.6 support multi-level nav menu?

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...