Book Image

Mastering Splunk

By : James D. Miller
Book Image

Mastering Splunk

By: James D. Miller

Overview of this book

Table of Contents (18 chapters)
Mastering Splunk
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

Form searching


Some Splunk dashboards contain search forms. A search form is just another Splunk view (and is actually very similar to a Spunk dashboard) which provides an interface for users to supply values to one or more search terms.

Using textboxes, drop-down menus, or radio buttons, a search form allows users to focus only on what they are searching for (and the results, which can be displayed in the tables, event listings, or any of the visualizations available), as discussed here:

  • Textboxes: They take specific field values or display a default value

  • Drop-down menus and lists: They contain dynamically defined collections of search terms

  • Radio buttons: They force to choose particular field values

  • Multiple result panels: They generate different kinds of visualizations

An example of a search form

Take an example of the following simple Splunk search pipeline:

sourcetype=TM1* Error

Based on the preceding Splunk search pipeline, we can use the Splunk search page to run the search and receive...