Dashboards & Visualizations

Is it possible to create a dashboard that accepts text and creates a searchable log based on the input?

EdgarAllenProse
Path Finder

I am trying to figure out how to create a dashboard that essentially creates a log that is searchable based on the input.

Example:

There are 4 input boxes and a submit button.

1st text box:
Date: | User inputs a date |

2nd text box:
Source IP: | User inputs source IP they are looking at |

3rd text box:
Port: | User inputs a port number |

4th text box:
Notes: | A box where user can type in generic notes |

So after those are filled out and the user hits submit, a log is generated that might look like this when queried:

LOG:

 date: 11/23/2016 13:09, Source IP: 192.168.1.1, Port: 443, Notes: "I looked at a thing today, and this is some data I collected. It probably means nothing, but here it is."

Are there any docs, references, or answers that might point me in the right direction?

0 Karma
1 Solution

bshuler_splunk
Splunk Employee

This lets you use JavaScript to log data to Splunk: http://dev.splunk.com/view/splunk-logging-javascript/SP-CAAAE6U
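An added example, not part of the original thread and not code from the linked library: it validates the four form fields from the question and builds the event that would be sent to Splunk's HTTP Event Collector, posting with plain `fetch` instead of the library. The function names, the `analyst:note` sourcetype, the field names, and the choice to treat the date as UTC are assumptions; the collector URL and token are supplied by the caller.

```javascript
// Added example: function names, sourcetype and field names are assumptions.
const IPV4 = /^(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}$/;
const DATE = /^(\d{2})\/(\d{2})\/(\d{4}) (\d{2}):(\d{2})$/; // MM/DD/YYYY HH:MM

// Validate the form fields and return an HEC event envelope.
// Throws on bad input so nothing malformed is indexed.
function buildNoteEvent({ date, sourceIp, port, notes }) {
  const m = DATE.exec(String(date).trim());
  if (!m) throw new Error("date must be MM/DD/YYYY HH:MM");
  const [mo, d, y, h, mi] = m.slice(1).map(Number);
  const ms = Date.UTC(y, mo - 1, d, h, mi); // assumption: input is UTC
  const t = new Date(ms);
  // Date.UTC silently rolls over values such as 02/31 or 25:00; reject them.
  if (t.getUTCFullYear() !== y || t.getUTCMonth() !== mo - 1 ||
      t.getUTCDate() !== d || t.getUTCHours() !== h || t.getUTCMinutes() !== mi)
    throw new Error("date is not a real calendar time");

  const ip = String(sourceIp).trim();
  if (!IPV4.test(ip)) throw new Error("source IP must be dotted IPv4");

  const portText = String(port).trim();
  if (!/^\d{1,5}$/.test(portText) || +portText < 1 || +portText > 65535)
    throw new Error("port must be an integer from 1 to 65535");

  // Control characters (CR/LF included) become spaces so a note cannot
  // span lines and imitate a second log entry; length is capped.
  const clean = String(notes ?? "").replace(/[\u0000-\u001f\u007f]+/g, " ")
    .trim().slice(0, 1000);

  return {
    time: ms / 1000, // HEC expects epoch seconds
    sourcetype: "analyst:note",
    event: { source_ip: ip, port: Number(portText), notes: clean },
  };
}

// POST one event to an HEC event endpoint (a URL ending in
// /services/collector/event), authenticating with "Splunk <token>".
async function sendNoteEvent(hecUrl, token, fields) {
  const res = await fetch(hecUrl, {
    method: "POST",
    headers: { Authorization: `Splunk ${token}`, "Content-Type": "application/json" },
    body: JSON.stringify(buildNoteEvent(fields)),
  });
  if (!res.ok) throw new Error(`HEC rejected event: HTTP ${res.status}`);
  return res.json();
}
```

Sending structured fields rather than a hand-built string keeps user-typed notes from altering how the other fields are parsed at search time.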

EdgarAllenProse
Path Finder

Sorry for the late response! So this seems close to what I am trying to do, however, does this work to create a dashboard within Splunk that creates logs based off of input in the dashboard? It seems like this is more geared to creating logs from external apps.

0 Karma

sundareshr
Legend

EdgarAllenProse
Path Finder

This was helpful for understanding token usage, but what I am trying to do is create a specific log within Splunk. So the input fields aren't used to perform a search, but rather create a combined log that is ultimately queryable. Thank you for a good doc to throw in my bookmarks though!

Do you know any other resources more specific to creating logs within Splunk?

0 Karma