Performance assessment and tuning experiences with RHEL

POC on Red Hat Directory Server (RHDS)

Migrate Elasticsearch Index to OpenSearch Index.

Rootless Podman Container And UID/GID Mapping in Ansible Automation Platform 2

How To Change Control Plane Execution Environment Settings

Install SSL Certificates for Ansible Automation Controller and Automation Hub

Search

How to create Create a dashboard in Splunk for Ansible Tower

Munshi Hafizul Haque
Aug 1, 2020
2 min read

Updated: Oct 3, 2021

In our previous post, We have discussed on How To Install Splunk in Red Hat Enterprise Linux 7 and How to integrate Ansible Tower with Splunk logging. Now we are going to create a dashboard based on Ansible Tower HTTP Event Collector (HEC) logs.

Les't start.

View the Ansible Logs from the Splunk:

We can search the logs in "Search & Reporting" windows from the Splunk Web based GUI.

Click the Search & Reporting from the Home page.
Click the Data Summary from the Search page
Click SourceTypes > httpevent, as below.

Click on the field (e.g. event) that we would like to filter in the New Search windows, After that select Add to search in menu, as below.

Click on the All Fields button in the New Search windows, as below

Select (checkbox) the field being filtered in the Select Fields windows, as below.

Close the above window and click on Visualization button in the New Search windows, as below.

Select the Pivot option, as below.

Click "Selected Fields (6)" and click OK, as below.

In the New Pivot window, we have filtered as "All time", as below

In the New Pivot window, Click "+" under the "Split Columns" and select event , as below.

and then click "Add To Table" button in next window, as below.

Now, we will have a view of the information separated in columns with the name of the column being the event and their number of appearances in the logs, as below.

Now, click "Save As" and select "Dashboard Panel", as below.

To create a New Dashboard Title as "Ansible Tower Dashboard", also set the Panel Title, Model Title, as below.

Click on Edit in the upper right menu, as below.

Now, in the atd_events panel click on "Select Visualization".

choose the Select Visualization as we want.

And we have select “Ple Chart” and click “Save”.

Now we repeat the process, and we have created filters, Table, etc as per the above steps. after that we have selected the existing dashboard "Ansible Tower Dashboard" to add new panels to the dashboard, as below.

And we can furnished our existing dashboard, by creating some more panels and adding them to the existing dashboard.

Comments

Log In to Connect With Members

View and follow other members, leave comments & more.

JazakAllah (JazakAllahu Khairun!)

Recent Posts