- Apps and Add-ons
- :
- All Apps and Add-ons
- :
- How to create a dashboard with text input fields t...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How to create a dashboard with text input fields that will update a lookup file?
Is there a way to create a dashboard with text input fields that does not do any searching, but rather pushes user input into a new row within a created input file?
Basically what I am trying to accomplish is this:
Lookup File: userLoggedInfo.csv
Dashboard: User Log
Dashboard looks like this:
Event: | Text Box |
Time of Event: | Text Box |
IP in event: | Text Box |
Analysis Notes: | Text Box |
When a user plugs in information I want to add what the user wrote to the lookupfile in a new row.
So before user inputs information, the file would look like this:
|Event|Time of Event|IP in Event|Analysis notes|
After the user hits the submit button in the dashboard, it should update like so and any future submission would be added to the next empty row:
|Event |Time of Event |IP in Event |Analysis notes |
|HD Error | Dec 21 | 192.168.16.1 | HardDrive failed because a rock was thrown at it. Verified|
So what would be a good starting point in learning to make textboxes output non-queried text into a lookup (for later querying) in a submittable form based dashboard?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi EdgarAllenProse,
given you have a lookup called 478751 which contains the following:
Event,"Time of Event","IP in Event","Analysis notes"
you can use this run everywhere dashboard to see how this can be done:
<form>
<label>How to create a dashboard with text input fields that will update a lookup file?</label>
<description>https://answers.splunk.com/answers/478751/how-to-create-a-dashboard-with-text-input-fields-t.html</description>
<fieldset submitButton="true" autoRun="false">
<input type="text" token="field1">
<label>Event</label>
</input>
<input type="text" token="field2">
<label>Time of Event</label>
</input>
<input type="text" token="field3">
<label>IP in event</label>
</input>
<input type="text" token="field4">
<label>Analysis Notes</label>
</input>
</fieldset>
<row rejects="$field1$">
<panel>
<table>
<search>
<query>| inputlookup 478751 | table Event "Time of Event" "IP in Event" "Analysis notes"</query>
<earliest>-24h@h</earliest>
<latest>now</latest>
</search>
<option name="drilldown">none</option>
</table>
</panel>
</row>
<row depends="$field1$">
<panel>
<table>
<search>
<query>| inputlookup 478751 | append [ | makeresults | eval Event="$field1$", "Time of Event"="$field2$", "IP in Event"="$field3$", "Analysis notes"="$field4$" | fields - _time ] | table Event "Time of Event" "IP in Event" "Analysis notes" | outputlookup 478751</query>
<earliest>-24h@h</earliest>
<latest>now</latest>
</search>
<option name="drilldown">none</option>
</table>
</panel>
</row>
</form>
You can of course change the lookup name to match your file.
Hope this helps ...
cheers, MuS
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Did you find the solution? It will be also useful for me...
Introducing the 2024 SplunkTrust!
Introducing the 2024 Splunk MVPs!
Splunk Custom Visualizations App End of Life
