Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2011, Splunk Inc.Listen to your data. Get Started with Splunk Reports & Dashboards.

Published byAlina Cape Modified over 10 years ago

Similar presentations

Presentation on theme: "Copyright © 2011, Splunk Inc.Listen to your data. Get Started with Splunk Reports & Dashboards."— Presentation transcript:

1 Copyright © 2011, Splunk Inc.Listen to your data. Get Started with Splunk Reports & Dashboards

2 Copyright © 2011, Splunk Inc.Listen to your data. Workshop Setup 2 This slide deck is meant only for preparation. Slides near the end of the deck are provided for display. The actual workshop should be performed in Splunk. This is meant to be a 30-45 minute product walkthrough. Concepts can be demonstrated using any dataset so choose one which is relevant to your audience. For illustration purposes, this workshop will use Apache access data commonly sourcetyped as ‘access_combined’.

3 Copyright © 2011, Splunk Inc.Listen to your data. Get Started with Splunk Reports & Dashboards You already know Splunk as a powerful search and analytics engine. Did you know Splunk can also present data as smart graphs, gauges and dashboards? Join us for a workshop on how to build interactive visuals. We will cover the basics of the Splunk Report Builder, saving/sharing reports, arranging reports on dashboards, and how to leverage existing visualizations with Splunk Apps. No need to bring markers or crayons, but feel free to follow along on your own Splunk instance. Get Started with Splunk Reports & Dashboards You already know Splunk as a powerful search and analytics engine. Did you know Splunk can also present data as smart graphs, gauges and dashboards? Join us for a workshop on how to build interactive visuals. We will cover the basics of the Splunk Report Builder, saving/sharing reports, arranging reports on dashboards, and how to leverage existing visualizations with Splunk Apps. No need to bring markers or crayons, but feel free to follow along on your own Splunk instance. Graphic for Spreading the Word For some help marketing the workshop, take a screenshot of this graphic. You might also add specifics on date/time and meeting place.

4 Copyright © 2011, Splunk Inc.Listen to your data. Workshop Structure 4 1. Provide orientation on Search Flash Timeline View  show option to launch Report Builder from 'Build report' link above timeline  show option to launch Report Builder from the filter menu on a particular field

5 Copyright © 2011, Splunk Inc.Listen to your data. 5 2. Discuss what should be done if no field is available  short overview of fields (what are they and why they matter)  show how to use the Interactive Field Extractor (IFX)

6 Copyright © 2011, Splunk Inc.Listen to your data. 6 3. Provide orientation of Report Builder  show how to build a graph over time – Single field over time – example: sourcetype=access_combined | timechart count For each graph type: - relate the widget options to what is generated in the search bar - it may help to close and relaunch the Report Builder after each report For each graph type: - relate the widget options to what is generated in the search bar - it may help to close and relaunch the Report Builder after each report

7 Copyright © 2011, Splunk Inc.Listen to your data. 7 3. Provide orientation of Report Builder  show how to build a graph over time – Multiple fields over time – example: sourcetype=access_combined | timechart avg(bytes) max(bytes)

8 Copyright © 2011, Splunk Inc.Listen to your data. 8 3. Provide orientation of Report Builder  show how to build a graph over time – Single field split by another field – example: sourcetype=access_combined | timechart span=5m count by clientip

9 Copyright © 2011, Splunk Inc.Listen to your data. 9 3. Provide orientation of Report Builder  show how to stack values

10 Copyright © 2011, Splunk Inc.Listen to your data. 10 3. Provide orientation of Report Builder  show how to build a graph on values  example: sourcetype=access_combined | top uri_path

11 Copyright © 2011, Splunk Inc.Listen to your data. 11 4. Show alternate Advanced Charting (AC) view  from the Views menu > Advanced Charting  AC assumes familiarity with the search language  it may be faster to use the search bar to define reports and toggle options – limit = # – useother = false – usenull = false sourcetype=access_combined | timechart limit=20 count by status usenull=f useother=f

12 Copyright © 2011, Splunk Inc.Listen to your data. 12 4. Show alternate Advanced Charting view  show how to build a gauge - requires setting thresholds via search - also requires selections in UI If you want to save or put this gauge on a dashboard, you must save it from the AC or RB. Saving it as a regular search does not associate a proper viewstate and you’ll end up with the default column graph instead of the gauge graphic.

13 Copyright © 2011, Splunk Inc.Listen to your data. 13 5. Show how to save a report and put it on a dashboard  use the 'Save report and add to dashboard' option  discuss why you would want to schedule a report if you are going to share it  create a new dashboard  add the saved report to the dashboard  show where the saved report and dashboard can be accessed after saving 1 1 2 2 3 3

14 Copyright © 2011, Splunk Inc.Listen to your data. 14 6. Show how to edit a dashboard and add more saved reports  just edit the dashboard and add 1 saved report (“Errors in the last hour”)  drag the 2nd report to create a 2 column layout  save it and re-render the dashboard

15 Copyright © 2011, Splunk Inc.Listen to your data. 15 7. Show examples of more advanced dashboards  use the Application Management dashboards  use dashboards from other Apps  show a dashboard with a geoip panel (GoogleMaps or AmMap)

16 Copyright © 2011, Splunk Inc.Listen to your data. 16 8. Briefly discuss how searches/reports/dashboards can be shared/downloaded via Apps 8. Briefly discuss summary indexing  maybe offer a future workshop on it

17 Copyright © 2011, Splunk Inc.Listen to your data. Be Prepared to Address These Questions 17 How can I schedule the report or dashboard to be sent via email? –Hint: PDF Server How can I report over large amounts of data? –Hint: Summary Indexing How can I make my reports load faster? –Hint: Schedule it How can I make my dashboards load faster? –Hint: Summary Indexing + scheduled searches Is there an App for JBoss? Apache? ? –Hint: Show SplunkBase and available Apps, mention build your own and the Splunk UI Development Course

18 Copyright © 2011, Splunk Inc.Listen to your data. Date Name Title Getting Started with Splunk Reports & Dashboards

19 Copyright © 2011, Splunk Inc.Listen to your data. Workshop Agenda Introduction to the Splunk Report Builder Build 6 Different Types of Reports Save/Share Reports Arrange Reports on Dashboards Leverage Existing Visualizations with Splunk Apps 19

20 Copyright © 2011, Splunk Inc.Listen to your data. 20 Reporting/Dashboard Walk Thru

21 Copyright © 2011, Splunk Inc.Listen to your data. 21 Need a Hand?

22 Copyright © 2011, Splunk Inc.Listen to your data. Splunk Documentation 22 http://docs.splunk.com Official Product Docs Wiki and community topics Updated daily Can be printed to.PDF User Manual for Reporting Developer Manual for UI / dashboard customization

23 Copyright © 2011, Splunk Inc.Listen to your data. Splunk Answers 23 http://answers.splunk.com Community driven Splunk supported Knowledge exchange Q & A

24 Copyright © 2011, Splunk Inc.Listen to your data. Splunk Education 24 Recommended for Users –Using Splunk –Searching & Reporting Recommended for UI/Dashboard Developers –Developing Apps Instructor-Led Courses –Web –Onsite

25 Copyright © 2011, Splunk Inc.Listen to your data. 25 Thank You :)

Download ppt "Copyright © 2011, Splunk Inc.Listen to your data. Get Started with Splunk Reports & Dashboards."

Similar presentations

Introduction to Web Bill of Lading Q1 2005. Proprietary and Confidential Copyright © 2005 INTTRA Inc. 2 Agenda Industry Challenges INTTRA Solution Value.

Introduction to Web Bill of Lading Q Proprietary and Confidential Copyright © 2005 INTTRA Inc. 2 Agenda Industry Challenges INTTRA Solution Value.
1 IDX. 2 What you will learn: What IDX is Why its important How to use it Tips and tricks Introduction Q & A.

1 IDX. 2 What you will learn: What IDX is Why its important How to use it Tips and tricks Introduction Q & A.
NWCA OPC Coaches Tutorial Roster, Schedules, Weigh-Ins, Results, and Reports.

NWCA OPC Coaches Tutorial Roster, Schedules, Weigh-Ins, Results, and Reports.
Chapter 1 The Study of Body Function Image PowerPoint

Chapter 1 The Study of Body Function Image PowerPoint
Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 5 Author: Julia Richards and R. Scott Hawley.

Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 5 Author: Julia Richards and R. Scott Hawley.
1 Copyright © 2010, Elsevier Inc. All rights Reserved Fig 2.1 Chapter 2.

1 Copyright © 2010, Elsevier Inc. All rights Reserved Fig 2.1 Chapter 2.
Wikispaces 101 Training Standards & Interoperability (S&I) Framework May 30, 2011 4:00 - 5:00pm EDT 1.

Wikispaces 101 Training Standards & Interoperability (S&I) Framework May 30, :00 - 5:00pm EDT 1.
17 Copyright © 2005, Oracle. All rights reserved. Deploying Applications by Using Java Web Start.

17 Copyright © 2005, Oracle. All rights reserved. Deploying Applications by Using Java Web Start.
PubMed Limits Here is the Limits page. Searches can be limited by restricting terms to fields or setting specific date or record tagging parameters.

PubMed Limits Here is the Limits page. Searches can be limited by restricting terms to fields or setting specific date or record tagging parameters.
Click to edit Master title style Page - 1 OneSky Teams Step-by-Step Online Corporate Communication Support 2006.

Click to edit Master title style Page - 1 OneSky Teams Step-by-Step Online Corporate Communication Support 2006.
State of New Jersey Department of Health and Senior Services Patient Safety Reporting System Module 2 – New Event Entry.

State of New Jersey Department of Health and Senior Services Patient Safety Reporting System Module 2 – New Event Entry.
State of New Jersey Department of Health and Senior Services Patient Safety Reporting System Module 4 – Reports, Resources and Support.

State of New Jersey Department of Health and Senior Services Patient Safety Reporting System Module 4 – Reports, Resources and Support.
Office 2003 Post-Advanced Concepts and Techniques M i c r o s o f t Excel PivotTable List Feature Creating a PivotTable List Web Page Using Excel.

Office 2003 Post-Advanced Concepts and Techniques M i c r o s o f t Excel PivotTable List Feature Creating a PivotTable List Web Page Using Excel.
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Title Subtitle.

Title Subtitle.
Exit a Customer Chapter 8. Exit a Customer 8-2 Objectives Perform exit summary process consisting of the following steps: Review service records Close.

Exit a Customer Chapter 8. Exit a Customer 8-2 Objectives Perform exit summary process consisting of the following steps: Review service records Close.
Determine Eligibility Chapter 4. Determine Eligibility 4-2 Objectives Search for Customer on database Enter application signed date and eligibility determination.

Determine Eligibility Chapter 4. Determine Eligibility 4-2 Objectives Search for Customer on database Enter application signed date and eligibility determination.
Custom Statutory Programs Chapter 3. Customary Statutory Programs and Titles 3-2 Objectives Add Local Statutory Programs Create Customer Application For.

Custom Statutory Programs Chapter 3. Customary Statutory Programs and Titles 3-2 Objectives Add Local Statutory Programs Create Customer Application For.
©2011 Quest Software, Inc. All rights reserved.. Andrei Polevoi, Tatiana Golubovich Program Management Group ActiveRoles Add-on Manager Overview.

©2011 Quest Software, Inc. All rights reserved.. Andrei Polevoi, Tatiana Golubovich Program Management Group ActiveRoles Add-on Manager Overview.

Similar presentations

Ads by Google