Databases Reference
In-Depth Information
The idea is to take advantage of the Splunk GUI tools as much as possible, letting the
simple XML conversion process add all of the advanced XML that you would have
to otherwise find yourself. We covered steps 1-3 in the previous chapters. Step 4 is
covered in the Converting simple XML to advanced XML section.
Advanced XML structure
Before we dig into the modules provided, let's look at the structure of the XML
itself and cover a couple of concepts.
The tag structure of an advanced XML document is essentially:
view
module
param
...
module
...
The main concept of Splunk's XML structure is that the effects of modules flow
downstream to child modules. This is a vital concept to understand. The XML
structure has almost nothing to do with layout, and everything to do with the
flow of data.
Let's look at a simple example like this:
<view
template="dashboard.html">
<label>Chapter 8, Example 1</label>
<module
name="HiddenSearch"
layoutPanel="panel_row1_col1"
autoRun="True">
<param name="earliest">-1d</param>
<param name="search">error | top user</param>
<module name="SimpleResultsTable"></module>
</module>
</view>
 
Previous Page
Next Page
Implementing Splunk: Big Data Reporting and Development for Operational Intelligence
Search WWH ::




Custom Search
Home