The Splunk code editor

In our example, we have seen how we can view the SimpleXML of a dashboard that was created from the Splunk web interface. We are using the Splunk code editor to view the SimpleXML code and save the changes to our dashboard. If we want to create a dashboard from scratch, we can also do that using the Splunk code editor. To create a new dashboard from scratch, we can perform the following:

1. From the top set of menus, along the right-hand side, click on Settings.
2. Click on the User Interface option, and you will be taken to the User Interface management screen.
3. We click on the Views option, where we can display all the views that we have in our Splunkenvironment, with a page similar to the image provided here:

As you can see, the page gives you the ability to create a new view with the New button as well as manage and configure existing views that have been created. When editing or creating a new view, we will be presented with the Splunk code editor, to allow us to make the changes we need. So let's perform a quick exercise to create the most basic view that we can:

1. Within the Views management page, we make sure that the App context, near the top left of the screen is set to our NASA squid and web data app.
2. Click on the New button to create a new view and you will be presented with the Splunk code editor, as you were previously.
3. To create your new view, enter these details:
   • Destination app: nasa_squid_web
   • View name: basic_dashboard
   • Enter the following in the code area:

                  1 <dashboard> 
                  2   <label>Basic Dashboard</label> 
                  3 </dashboard>
   

4. The Splunk code editor should look the same as what is shown in the following screenshot. As you are typing the code, you will notice that although the editor is basic, it is still color coded. It highlights errors and element tags that are not closed off correctly, and indents your code to make it more readable. So when you are happy with your new view, click on the Save button.

When you go back to the NASA squid and web data app, you can open your new Basic Dashboard. You have a boring, empty page without any real information. Just remember though that you used only three lines of code to create it.

Don't worry; the rest of this chapter is going to be dedicated to using SimpleXML to create and configure some common visualizations within Splunk.

We have made a few changes to our Splunk app that have not been committed to our Git repository. If you have created your new dashboards by sharing them within your NASA squid and web data app, you will be able to access your Splunk apps directory on your Splunk server and see that there are a few changes that you have not added to your repository yet. If you perform a status check, you will be able to see something similar to the following code:

nasa_squid_web$ git status 
 
On branch master 
Your branch is up-to-date with 'origin/master'. 
Changes not staged for commit: 
  (use "git add <file>..." to update what will be committed) 
  (use "git checkout -- <file>..." to discard changes in working directory) 
 
   modified:   metadata/local.meta 
 
Untracked files: 
  (use "git add <file>..." to include in what will be committed) 
 
   local/data/ui/views/basic_dashboard.xml 
   local/data/ui/views/simplexmldashboard.xml 
 
no changes added to commit (use "git add" and/or "git commit -a") 

As you can see in the output from our Splunk environment, our two new dashboards that we created are currently not tracked. To add it to our master code in Git, all we need to do is add, commit, and then push our changes back to GitHub with the following:

1. Access our Splunk server and move to our Splunk app directory:

    cd $SPLUNK_HOME/etc/apps/nasa_squid_web 
   

2. Add all the changes you have made to allow Git to track changes; this will include the new dashboards you have created:

    git add .
   

3. Now commit the changes with a short description of the changes:

    git commit -m "Adding new dashboards to splunk app"
   

4. Push your changes back to GitHub:

    git push -u origin
   

In the next part of this chapter, we are going to expand our knowledge of SimpleXML, but we will be moving back to our discussion on the development process and start by creating a development branch for the changes we are going to make to our Splunk app.