Forums: SplunkAdministration: Grouping searches

Hi all,
I've found this documentation on grouping search results.

https://splunk.spidertracks.com/en-US/manager/search/data/ui/views

I have 8 searches that start with "Spidertracks" and I'd like to group them. I've read the documentation and it doesn't actually tell me "How" to group these things together. How do I go about doing this?

You can group searches together with Transaction Searches if there are some common elements between these searches.

http://www.splunk.com/base/Documentation/latest/Knowledge/Abouttransactions

I'm not sure what the documentation is. Also, I'm not clear what exactly you mean by "grouping search results". Do you mean you have separate searches and you just want each of them to be laid out on the same page? If so, you can just make a dashboard with the search results: http://www.splunk.com/base/Documentation/latest/User/CreateSimpleDashboards

Basically I just wanted to group my searches in a sub menu on the search application. However I do want to ultimately create a custom dashboard, so I'm going to give that a go as well.

Oh, a sub menu is not hard. If you look at the default nav (Search application > Manager > Navigation Menus > default) you will see the default Search view and how it groups "Admin" and "error" into submenus. Details are at http://www.splunk.com/base/Documentation/latest/Developer/TieViews

That got it, thanks for the help. I also created a sweet custom dashboard. I love how easy Splunk makes it to gather data!
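
The sub menu approach from the thread, as an added example that is not part of the original posts: a navigation menu definition that collects every saved search whose name contains "Spidertracks" into its own submenu. The collection labels and the view name are assumptions for illustration; keep the view names your app's existing default nav already uses.

```xml
<nav>
  <!-- Assumed view name; use the one already present in your default nav -->
  <view name="flashtimeline" default="true" />

  <collection label="Searches">
    <!-- Submenu holding the saved searches whose names match "Spidertracks" -->
    <collection label="Spidertracks">
      <saved source="all" match="Spidertracks" />
    </collection>

    <!-- Saved searches not placed explicitly elsewhere in this nav -->
    <saved source="unclassified" />
  </collection>
</nav>
```

Because the nav only controls what is listed in the menu, access to each saved search is still governed by its own sharing and role permissions.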