admingit
/
Splunk_deploy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'main'
${ noResults }
Splunk_deploy/deployment-apps/CEIP-RESEAU/local/data/ui/views/indicateurs_spectrum.xml

123 lines
5.3 KiB
Raw Permalink Blame History

<form version="1.1">
<label>Indicateurs Spectrum</label>
<description>Ce tableau de bord a pour but de mettre en lumière l'activité liée aux alarmes sur Spectrum. Un script récupère les données de Spectrum via des appels API et les répertorie dans un fichier de résultat sous le format csv.Les données sont envoyées régulièrement et de manière automatique sur splunk. Les options sélectionnées dans les listes déroulantes s'appliquent à tous les dashboards.</description>
<fieldset submitButton="false" autoRun="true">
<input type="time" token="token_time">
<label>Choisir la période de temps</label>
<default>
<earliest>-30d@d</earliest>
<latest>now</latest>
</default>
</input>
<input type="dropdown" token="token_severite">
<label>Choix de la criticité</label>
<choice value="*">Toutes</choice>
<choice value="Critical">Critique</choice>
<choice value="Major">Majeure</choice>
<choice value="Minor">Mineure</choice>
<default>*</default>
<initialValue>*</initialValue>
<prefix>Severity="</prefix>
<suffix>"</suffix>
<delimiter> </delimiter>
</input>
<input type="dropdown" token="tk_owner">
<label>Choix ceip</label>
<choice value="*">Tout</choice>
<choice value="Owner=&quot;CEIP Reseau&quot;">Réseau</choice>
<choice value="Owner=&quot;CEIP Reseau&quot; OR Owner=&quot;CEIP Cyber&quot;">Réseau+Cyber</choice>
<choice value="Owner=&quot;CEIP Info&quot;">Info</choice>
<choice value="Owner=&quot;CEIP Telephonie&quot;">Telephonie</choice>
<choice value="Owner=&quot;CEIP Cyber&quot;">Cyber</choice>
<default>*</default>
<initialValue>*</initialValue>
<delimiter> </delimiter>
</input>
</fieldset>
<row>
<panel>
<chart>
<title>Répartition des alarmes selon contexte</title>
<search>
<query>index="idx_tic_spectrum" Creation_Date=* Severity!=Normal Severity!=Maintenance Alarm_Title!="\*BAGOT -*"
| dedup id
| search $token_severite$
| search Acknowledged=false
| search $tk_owner$
| rex field="Location" "^(?&lt;Landscape&gt;[^:]+)"
| rex field="Location" "^TIH:(?&lt;reseau&gt;[^:]+)"
| eval Landscape = if(like(Landscape,"CNPE%"),"CNPE",Landscape)
| eval Landscape = if(like(Landscape,"IDT%"),"TIT",Landscape)
| eval reseau = if(isnull(reseau),Landscape,"TIH")
| search Landscape!=Universe
| stats count by reseau | sort -count</query>
<earliest>$token_time.earliest$</earliest>
<latest>$token_time.latest$</latest>
</search>
<option name="charting.axisTitleX.text">contexte</option>
<option name="charting.axisTitleY.text">Volume d'alarmes</option>
<option name="charting.chart">pie</option>
<option name="charting.chart.showDataLabels">all</option>
<option name="charting.chart.showPercent">1</option>
<option name="charting.drilldown">none</option>
<option name="charting.legend.placement">none</option>
<option name="refresh.display">progressbar</option>
</chart>
</panel>
</row>
<row>
<panel>
<table>
<title>Top 5 des alarmes les plus fréquentes par équipement sur la période selectionnée</title>
<search>
<query>index="idx_tic_spectrum" Creation_Date=* | search $token_severite$
| dedup id
| lookup spectrum_devices_dynamic.csv IP as Network_Address OUTPUT Owner
| search $tk_owner$
| stats count by "Alarm_Title","Model_Name" ,"Network_Address" | sort -count |head 5</query>
<earliest>$token_time.earliest$</earliest>
<latest>$token_time.latest$</latest>
</search>
<option name="drilldown">none</option>
<option name="refresh.display">progressbar</option>
</table>
</panel>
<panel>
<chart>
<title>Top 5 des alarmes les plus fréquentes sur la période selectionnée</title>
<search>
<query>index="idx_tic_spectrum" Creation_Date=* | search $token_severite$
| dedup id
| lookup spectrum_devices_dynamic.csv IP as Network_Address OUTPUT Owner
| search $tk_owner$
| stats count by "Alarm_Title"| sort -count |head 5</query>
<earliest>$token_time.earliest$</earliest>
<latest>$token_time.latest$</latest>
</search>
<option name="charting.chart">column</option>
<option name="charting.chart.showDataLabels">all</option>
<option name="charting.drilldown">none</option>
<option name="charting.legend.labelStyle.overflowMode">ellipsisMiddle</option>
<option name="refresh.display">progressbar</option>
</chart>
</panel>
<panel>
<chart>
<title>Top 5 des équipements qui alarment le plus sur la période selectionnée</title>
<search>
<query>index="idx_tic_spectrum" Creation_Date=* | search $token_severite$
| dedup id
| lookup spectrum_devices_dynamic.csv IP as Network_Address OUTPUT Owner
| search $tk_owner$
| stats count by "Model_Name" | sort -count |head 5</query>
<earliest>$token_time.earliest$</earliest>
<latest>$token_time.latest$</latest>
</search>
<option name="charting.chart">bar</option>
<option name="charting.chart.showDataLabels">all</option>
<option name="charting.chart.stackMode">default</option>
<option name="charting.layout.splitSeries">0</option>
</chart>
</panel>
</row>
</form>
Reference in new issue View Git Blame Copy Permalink