Dashboards & Visualizations

Need help creating a dashboard showing log validation in each environment from different indexes

abhi4
New Member

create dashboard where it can show the per day logs ingestion corresponding to it's relevant environment which shows the count of logs per day into it's related environment but i am facing issues while creating dashboard..please help ..thanks in advance.

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi abhi4,
did you tried to run a simple search as

index=* | timechart span=1d count by index

?
Bye.
Giuseppe

0 Karma

Richfez
SplunkTrust
SplunkTrust

What actual problem are you having? What have you done so far?

Thanks,
-Rich

0 Karma

abhi4
New Member

Thanks for your reply, i tried with query..
index=*index_name host=hostname| eval application = replace(sourcetype, "_log", "") |
eval length = len (domain_name) |
eval env= ( if(len(domain_name)==11, substr(domain_name,4,4), if(len(domain_name)==12,substr(domain_name,5,4), "undefined"))) |
dedup application env , domain_name | timechart span=1d count(application) by env

It showing me the count of each day but not getting in environment wise..like test 1, test2 test3 ..!

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...