Learning Splunk Web Framework
About this ebook
Take your analytics online with the ease and power of the Splunk Web Framework
About This Book
- Want to build rich applications on the Web using Splunk? This book will be your ultimate guide!
- Learn to use web framework components with the help of this highly practical, example-rich guide
- Perform excellent Splunk analytics on the Web and bring that knowledge to your own projects
This book will cater to Splunk developers and administrators who now wish to further their knowledge with Splunk Web Framework and learn to improve the way they present and visualize data in Splunk. A basic knowledge of JavaScript will be beneficial but is not a prerequisite.
What You Will Learn
- Master the fundamentals of Splunk Web Framework
- Start thinking of Splunk as a complete development platform to build user-friendly apps
- Extend the functionality of your apps using SimpleXML techniques
- Set up dashboard layouts, navigation, and menus in your apps
- Create simple dashboard elements including charts and tables
- Master the art of interacting with searches and dashboards
- Integrate SplunkJS to add visual appeal to your website
Building rich applications on the Web using Splunk is now simpler than ever before with the Splunk Web Framework. It empowers developers to build their own web applications with custom dashboards, tables, charts, form searches, and other functionalities in the datasets at their disposal.
The book will start with the fundamentals of the Splunk Web Framework, teaching you the secrets of building interesting and user-friendly applications. In the first application, you will learn to analyze and monitor traffic hitting the NASA website and learn to create dashboards for it. You will then learn additional, and more detailed, techniques to enhance the functionalities of the app such as dashboards and forms, editing simple XML, using simple XML extensions, tokens, post-process searches, dynamic drill-downs, the Splunk Web Framework and REST API, and much more. The second app will use historical stock market data and will create custom dashboards using Splunk Web Framework; the book will now cover important topics such as creating HTML dashboards, enhancing the visual appeal of the app using CSS, and moving your app with SplunkJS.
The book will provide different and interesting examples instead of the usual “Log, Index, Search, and Graph” so that Splunk will be the first tool readers think of to resolve a problem.
Style and approach
This book will follow a step-by-step approach whereby every new concept is built on top of the previous chapter, and will be highly practical in nature; the reader will learn to build apps while reading about the Splunk Web framework.
Learning Splunk Web Framework - Vincent Sesto
Table of Contents
Learning Splunk Web Framework
Credits
About the Author
About the Reviewer
www.PacktPub.com
eBooks, discount offers, and more
Why subscribe?
Free access for Packt account holders
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Downloading the color images of this book
Errata
Piracy
Questions
1. Splunk Web Framework Fundamentals
Introducing the Splunk Web Framework
A quick note about advanced XML
Architecture of the Splunk Web Framework
Description of the architecture
The Splunk web interface
Simple XML
SimpleXML extensions
HTML
SplunkJS libraries
splunkd
The development process and development environment
The development process
Development environment
Data to test with
Using collaboration tools... enter Git
Using Git
Basic usage examples of Git
Create an account on GitHub
Create your repository
Branching and working with Git
Using Git when changes go bad
Introducing the example projects
NASA HTTP data
Game of life
Historical stock market data
Summary
2. Presenting Data to Users as a Splunk App
Managing and creating your apps
Creating our first Splunk app
Alternative ways to create a Splunk app
Adding your new Splunk app to Git
Deleting Splunk apps
The Splunk app directory structure
Designing Splunk apps for your audience
Creating a dashboard
Field extraction for our NASA data
Adding panels to our dashboard
Editing existing dashboards
Set your dashboard on the Splunk home screen
Viewing and saving changes to GitHub
Summary
3. Expand Your Splunk Apps Using Simple XML
File precedence and caching
Getting started with the SimpleXML code
The Splunk code editor
Create development branches with Git
Adding charts to dashboards
The Simple XML of charts
Expanding our Splunk app with maps
Finally, a table!
Completing your development and releasing to production
Summary
4. Layouts, Navigation, and Menus
Setting your Splunk app's default page
Manipulating the menu structure
Biological cell simulation app
Manipulating your dashboard layout
Customizing layouts with JavaScript
Color-coding values in our display
Adding CSS into Simple XML
Summary
5. Interacting with Your User While Speeding up App Searches
Speeding up data delivery with post processing searches
Using scheduled reports in dashboards
Splunk forms
More advanced form examples
Drilldown of data within Splunk
Packaging up our Splunk apps
Summary
6. Moving from Simple XML to HTML
Moving forward by taking a step back
Converting your Simple XML code to HTML
The Splunk HTML Code Editor
Stepping through the HTML dashboard code
Why convert to HTML?
Making changes to HTML dashboards
Creating a Splunk App template
Summary
7. JavaScript Modules in Your HTML App
JavaScript modules in the Splunk Web Framework
Adding animation to Splunk dashboards
Ensuring your code is correct
Customizing JavaScript Modules in HTML
Implementing external libraries in your HTML code
Adding your icon to your Splunk App
Summary
8. Utilizing CSS to Spice Up Visual Appeal
CSS templates and themes
Get the raw dashboard ready
Implementing your own CSS style
Inline style sheets
Using internal style sheets in your Splunk code
CSS and dashboard menus
Setting up external style sheets in Splunk apps
Using the Splunk Web Framework CSS
Bootstrap alerts in your Splunk dashboard
Bootstrap and dashboard headings
Bootstrap tool tips
Losing our Bootstrap themes
Summary
9. Moving Your App off Splunk with Splunk JS
So what is SplunkJS?
What about the Splunk SDK?
Host Splunk data outside of Splunk
Setting up our website
Interacting with Splunk through the management port
Let's get started with SplunkJS
So what if your test page doesn't work?
Let's create our new web page...mobile first
Authenticating with your Splunk environment
Automated testing of our web page
Writing a simple test
Considerations when testing
Summary
Learning Splunk Web Framework
Copyright © 2016 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: August 2016
Production reference: 1260816
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.
ISBN 978-1-78646-294-7
www.packtpub.com
Credits
About the Author
Vincent Sesto, when changing skill sets and moving from business into the information technology field 10 years ago, saw the potential of doing things via technology and has continued to follow his passion to find better ways of doing so. Vince has worked with Splunk for the past 4 years, developing apps and reporting applications around Splunk, and now works hard to advocate its success. He has worked as a system engineer in big data companies and development departments, where he has regularly supported, built, and developed with Splunk. His LinkedIn profile is at https://au.linkedin.com/in/vincesesto.
About the Reviewer
Robert King has primarily served as an engineer, writing desktop, client-server, and web software in more languages than he can remember, and has been building human-computer interfaces for longer than he cares to admit. Although he has also served as sysadmin and DBA, for the last decade he has focused primarily on web-based frontend development, having built experiences used by millions of customers every day.
www.PacktPub.com
For support files and downloads related to your book, please visit www.PacktPub.com.
eBooks, discount offers, and more
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.
https://www2.packtpub.com/books/subscription/packtlib
Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can search, access, and read Packt's entire library of books.
Why subscribe?
Fully searchable across every book published by Packt
Copy and paste, print, and bookmark content
On demand and accessible via a web browser
Free access for Packt account holders
Get notified! Find out when new books are published by following @PacktEnterprise on Twitter or the Packt Enterprise Facebook page.
Preface
For some time now, Splunk has been a leading light in providing software that allows its users to search, monitor, and visualize data. The massive expansion in machine data seems endless but we are fortunate to have the tools to deliver and analyze this data and allow us to strip out the irrelevant information, presenting to our user base the important data that will help guide business and technology decisions. Two major strengths that Splunk provides are the ability to quickly analyze your data as well as the ability to present this information to your user in an attractive and customizable way. This presentation layer sitting within Splunk as part of the Splunk Web Framework is a powerful development platform from which we can almost endlessly customize the data we are providing. This book focuses directly on the Splunk Web Framework. It is designed to provide hands-on and interesting examples with step-by-step instructions, to help developers think of Splunk as a complete platform instead of software for searching, monitoring, and analyzing machine-generated data. This book provides different and interesting examples instead of the usual “Log, Index, Search, and Graph” and has the reader thinking in terms of Splunk being the first tool they think of when needing to resolve any problem.
What this book covers
Chapter 1, Splunk Web Framework Fundamentals, provides a high-level overview of the framework as well as discussing development environments and collaborating with development teams.
Chapter 2, Presenting Data to Users as a Splunk App, will introduce Splunk Apps and get you to use the Web Interface to create basic dashboards to present your data.
Chapter 3, Expand Your Apps Using Simple XML, expands your knowledge of Splunk App development by introducing Simple XML to manipulate the underlying dashboard code.
Chapter 4, Layouts, Navigation, and Menus, provides you with an overview of how to use Simple XML to control the layout of your dashboards as well as setting up a menu system for your Splunk App.
Chapter 5, Interacting with Your User While Speeding Up App Searches, discusses how to add features to your Simple XML code to allow your user to interact directly with their Splunk data.
Chapter 6, Moving from Simple XML to HTML, introduces HTML dashboards and provides an explanation of the HTML code that is generated as part of the Splunk dashboard.
Chapter 7, JavaScript Modules in Your HTML App, provides a discussion on how to work directly with JavaScript modules in your Splunk App to further enhance functionality.
Chapter 8, Utilizing CSS to Spice Up Visual Appeal, discusses working directly with CSS files to manipulate the look and feel of a dashboard and move away from the standard Splunk color scheme.
Chapter 9, Moving Your App off Splunk with SplunkJS, provides an in-depth introduction to using SplunkJS to create standalone web applications with the use of Splunk data.
What you need for this book
To be able to work along with the example applications created in this book, you will need to have the following items available:
A running version of Splunk Enterprise, preferably on Linux or Mac
Basic knowledge of Splunk and how it works, including creating searches and reports, indexing data, and knowledge of the web interface
A modern and stable web browser, such as Chrome or Firefox
A basic understanding of web technologies such as HTML, CSS, and JavaScript
Some basic knowledge of Python
An Internet connection
Who this book is for
This book is designed to start from an overview of the Splunk Web framework and get an inexperienced Splunk user to work fast with hands-on examples. The examples build on top of each other to cover more advanced topics, so it is hoped that even an experienced Splunk developer will be able to get something out of this book as the chapters progress.
Conventions
In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.
Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: By clicking on the Splunk logo at the top left of the screen, we are brought to the home page, http://localhost:8000/en-GB/app/launcher/home.
A block of code is set as follows:
Any command-line input or output is written as follows:
echo "# SplunkAppDev" >> README.md
New terms and important words are shown in bold.
Note
Warnings or important notes appear in a box like this.
Tip
Tips and tricks appear like this.
For this book, we have outlined the shortcuts for the Mac OS X platform. If you are using the Windows version, you can find the relevant shortcuts on the WebStorm help page: https://www.jetbrains.com/webstorm/help/keyboard-shortcuts-by-category.html.
Reader feedback
Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of.
To send us general feedback, simply e-mail [email protected], and mention the book's title in the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.
Customer support
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
Downloading the example code
You can download the example code files for this book from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.
You can download the code files by following these steps:
Log in or register to our website using your e-mail address and password.
Hover the mouse pointer on the SUPPORT tab at the top.
Click on Code Downloads & Errata.
Enter the name of the book in the Search box.
Select the book for which you're looking to download the code files.
Choose from the drop-down menu where you purchased this book from.
Click on Code Download.
You can also download the code files by clicking on the Code Files button on the book's webpage at the Packt Publishing website. This page can be accessed by entering the book's name in the Search box. Please note that you need to be logged in to your Packt account.
Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:
WinRAR / 7-Zip for Windows
Zipeg / iZip / UnRarX for Mac
7-Zip / PeaZip for Linux
Downloading the color images of this book
We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from https://www.packtpub.com/sites/default/files/downloads/ApexDesignPatterns_ColorImages.pdf.
Errata
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.
To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.
Piracy
Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at [email protected] with a link to the suspected pirated material.
We appreciate your help in protecting our authors and our ability to bring you valuable content.
Questions
If you have a problem with any aspect of this book, you can contact us at [email protected], and we will do our best to address the problem.
Chapter 1. Splunk Web Framework Fundamentals
My history with Splunk goes back about 4 years to when I was working for a company that was building a browser plugin. All of the logging for all the users was going to be built around Splunk. I am not sure whether they knew the implications, but it was not until some 2 years later that I saw the full benefit of making this decision. I had been convinced of the power of Splunk. I saw it as a great platform to build and develop applications and reports with ease, and it should be looked at in exactly the same way as LAMP or other development stacks. I also saw the opportunity to write a book about the Splunk Web Framework as a great way to show other people what I have learned without them having to waste the time of trial and error that I had to.
If you have not yet installed Splunk on a virtual machine, server, or your own PC or laptop, it is probably best to get this done now before moving further. Towards the end of this chapter, we will introduce the data and example projects that we will be working on throughout this book. The example work that we will be performing throughout this book will be on a Linux or Mac platform. You should be able to follow along if you are using a different platform. If you have not installed Splunk before, you will be able to get all the details you need for your installation at the following link: http://docs.splunk.com/Documentation/Splunk/6.3.3/Installation/Chooseyourplatform.
So you've installed Splunk, got things running, and now what? Hopefully, that is where this book will come in and help you get the ball rolling, making fresh, interactive, useful, and dynamic applications using the Splunk Web Framework. We are hoping that we can actually get you creating some interesting applications without the usual log, index, search, graph, and report documentation that seems to be out in abundance.
Introducing the Splunk Web Framework
Welcome to the Splunk Web Framework, which has been set up as an essential support structure for Splunk users to build custom reports, dashboards, and apps on Splunk and with Splunk. This means that there is a supporting environment that can be used to develop end-to-end applications with no need to install anything other than Splunk. The Splunk Web Framework allows the user to start from the basics using a drag-and-drop interface, and also lets them get underneath the hood to interact with and customize the code directly. Further still, developers don't even need to develop with Splunk as their platform of choice to display their data. They are free to simply interface with Splunk API calls, search for data, and then display this returned data directly on their own websites and applications.
As of Splunk version 6, there was a major overhaul to the Splunk Web Framework. The framework is now integrated directly into Splunk Enterprise 6, so now you don't need to install anything else to start using the web framework. Previously, in Splunk 5, you needed to use a standalone version of the web framework. So unless you're using an old version of Splunk, you will be able to get going and working with the framework straight away. All your apps from previous versions of Splunk should work on Splunk 6, including apps created in Advanced XML, so it is well worth the upgrade to get the improved interface and functionality that it brings.
A quick note about advanced XML
Let's get this out of the way early. You may have heard about Advanced XML, or you may have even seen some dashboards or views created in your environment that have been set up using Advanced XML.