This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .show-tokens { | |
| background: white; | |
| border-top: 1px solid #ccc; | |
| } | |
| .show-tokens h3 { | |
| padding-left: 20px; | |
| } | |
| .show-tokens .token-name, .show-tokens .token-value { | |
| font-family: monospace; | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require([ | |
| 'jquery', | |
| 'underscore', | |
| 'splunkjs/mvc', | |
| 'splunkjs/mvc/simplexml/ready!' | |
| ], | |
| function( | |
| $, | |
| _, | |
| mvc |
hobbes3
/ props.conf
Last active
August 29, 2015 14:08
hobbes3_sample solution props transforms onboarding
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [hobbes3_sample] | |
| # http://regex101.com/r/sJ2xP4/1 | |
| LINE_BREAKER = ([\r\n]+)(?:logger logger: \d{4}\/\d{2}\/\d{2}T\S+|$) | |
| # Or you could do one crazy LINE_BREAKER without using any SEDCMD: http://regex101.com/r/sJ2xP4/4 | |
| # But then don't forget to update TIME_PREFIX to TIME_PREFIX = ^ | |
| TRUNCATE = 1000 | |
| SHOULD_LINEMERGE = False | |
| # http://regex101.com/r/sK6yR6/2 | |
| TIME_PREFIX = logger logger:\s | |
| TIME_FORMAT = %Y/%m/%dT%T%3N%z |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <panel> | |
| <html> | |
| <h2>Flight Overview (drilldown)</h2> | |
| <div id="chordchart_search" class="splunk-manager" data-require="splunkjs/mvc/searchmanager" data-options='{ | |
| "search": "sourcetype=flight | stats count by from to", | |
| "preview": true, | |
| "earliest_time": "-24h@h", | |
| "latest_time": "now" | |
| }'> | |
| </div> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require([ | |
| 'jquery', | |
| 'underscore', | |
| 'splunkjs/mvc', | |
| 'splunkjs/mvc/simplexml/ready!' | |
| ], function( | |
| $, | |
| _, | |
| mvc | |
| ) { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * Updated ONLY for 6.3 (not tested on other Splunk versions) | |
| * Known issue: Color ranges for Marker Gauge is all black because I can't distinguish between the different <rect> in the SVG | |
| * - hobbes3 | |
| */ | |
| /* BACKGROUND */ | |
| body, | |
| .dashboard-body, | |
| .footer, |
hobbes3
/ format_time.js
Last active
October 6, 2015 18:56
format _time oneshot earliest latest modifier
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function format_time(time, token_name) { | |
| var service = mvc.createService(); | |
| var convert_search = 'search index=foo earliest=' + time + ' | localop | stats count | addinfo | eval output=strftime(info_min_time, "%F %T")'; | |
| // Run a oneshot search to convert the date string to epoch *to the user's timezone preference* | |
| service.oneshotSearch(convert_search, {}, function(err, results) { | |
| var time_formatted = results.rows[0][results.fields.indexOf("output")]; | |
| unsubmitted_tokens.set(token_name, time_formatted); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Not sure if it works with event view 100% of the time | |
| function move_paginator_to_top(panel_id) { | |
| var paginator = $("#" + panel_id).find("div.splunk-paginator"); | |
| var results_table = $("#" + panel_id).find("div.shared-resultstable-resultstablemaster"); | |
| $(results_table).css("clear", "both"); | |
| $(paginator).css("clear", "both"); | |
| $(results_table).before($(paginator)); | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require([ | |
| 'jquery', | |
| 'underscore', | |
| 'splunkjs/mvc', | |
| 'splunkjs/mvc/simplexml/ready!' | |
| ], function( | |
| $, | |
| _, | |
| mvc | |
| ) { |