Versions Compared

Old Version 1

changes.mady.by.user Panna .

Saved on

compared with

New Version 2

changes.mady.by.user Shwetha S

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

You can view the overall summary of DNS, DHCP, and IPAM activities in the Home Dashboard page. This page presents a summary view of the following:

...

  • About Searches

  • Best Practices for Customizing Searches

  • Creating Reports from a Search

  • Saving a Search as a Dashboard Panel

  • Exporting Search Results

  • Saving Search as Alerts

About Searches

Searches are criteria that the reporting server uses to save reports and dashboard panels. Each predefined report has an associated search. For more information, refer to the official Splunk documentation: http://docs.splunk.com/Documentation.
To run a search:

  1. From the Reporting tab, select the Search tab.

  2. Enter the search criteria. Use the auto-open search tips from Splunk.

  3. If necessary, select a time range in the time range picker at the end of the search bar. By default, it is set to Last 24 Hours.

  4. Click the Search icon.

The search results are based on the most seen events for the dashboards listed in the table below. To know more about dedup searches, reports, or dashboards, refer to https://docs.splunk.com/Documentation/Splunk/8.2.4/SearchReference/Dedup.

Dashboards and Deduplicate Key(s)

Dashboard

Deduplicate Key(s)

Inactive IP Addresses, for more information see Devices (Discovery) Dashboards.

Network view + IP address

For more information about these dashboards, see IPAMv4 Utilization Dashboards.

DHCPv4 Top UtilizedNetworks

Network view + network

DNSStatistics per DNSView

DNS view

DNSStatisticsperZone

DNS view + DNS zone

IPAMv4 Network Usage Statistics

Network view + Network

IPAMv4 Top UtilizedNetworks

Network view + Network


Sample Search Summary

...

The search results are displayed in the New Search panel, as illustrated in the New Search View. In the New Search panel, you can save search results as ReportDashboard Panel, and Alert.

...

You can create reports by saving a search as a report. To save a search as a report:

  1. From the Reporting tab, select the Search tab.

  2. Enter the search criteria and then click the Search icon. The search results are displayed in the New Search panel.

  3. From the Save As drop-down list, click Report to generate a report.

  4. Enter title and description.

  5. Click Save.

  6. Do one of the following in the Your report has been created dialog box:

    • Click View to view your report on the Report page.

    • Click Continue Editing to edit.

    • Click Add to Dashboard to add new report to the dashboard panel.

You can also complete the following settings in the Your report has been created dialog box:

...

You can save a search as a dashboard panel.
Do the following to save a search as a dashboard panel:

  1. On the Reporting tab, select the Search tab.

  2. Enter the search criteria and then click the Search icon. The search results are displayed in the New Search panel.

  3. From the Save As drop-down list, choose New Dashboard to create a dashboard panel, or, you can choose Existing Dashboard to save the search to an existing dashboard panel.

  4. In the Save Panel to New Dashboard dialog box, complete the following:

    1. In the Dashboard Title field, enter a title.

    2. Click Edit ID to modify the Dashboard ID field. It should only contain letters, numbers, and underscores.

    3. In the Description field, type a description.

    4. Select Classic Dashboards, or select Dashboard Studio and choose Absolute or Grid layout to create a dashboard.
      Classic Dashboards type of dashboard is the traditional splunk dashboard builder.
      Dashboard Studio type of dashboards are new type of dashboards available with the latest splunk version.

    5. Click Save to Dashboard.

  5. When prompted, click View Dashboard to view the dashboard in the Dashboard panel. For more information, see About Dashboards.

Note

Note

There are no pre-defined dashboards available for the Dashboard Studio.

...

You can export the data in the selected search in CSV (comma separated value) or XML format. Note that this may take a long time depending on the amount of data you want to export. To schedule the export of search results to an FTP, SCP, or TFTP server configured on the Set up page, select File Transfer Action when creating a scheduled alert, as described in Creating Scheduled Alerts, see About Alerts.
To export data in a selected search:

...

  1. From the Reporting tab, select the Search tab.

  2. Enter the search criteria and then click the Search icon. The search results are displayed in the New Search panel.

  3. Click the Export icon

...

  1. icon_splunk_export.jpgImage Added  to export search results.

  2. In the Export Results dialog box, complete the following:

    • Format: Select CSVXML or JSON from the Format drop-down list.

    • File Name: Specify a file name for the export file. This is optional.

    • Number of Results:(Limited or Unlimited). If you select Limited, enter the number of results to be exported in the Max Results field.

  3. Click Export.

Saving Search as Alerts

To save a search as an alert:

  1. From the Reporting tab, select the Search tab.

  2. Enter the search criteria and then click the Search icon.

  3. From the Save As drop-down list, click Alert.

  4. In the Save As Alert dialog box, specify all alert settings. For information about creating scheduling alerts, see About Alerts.

  5. Click Save.