Dashboard Studio Feature Highlights in Splunk Enterprise 9.2

With every major Splunk Enterprise release, we level up your dashboarding experience so that you can visualize and take action on your data fast. In Splunk Enterprise 9.2, we are bringing the experience across Classic (SimpleXML) dashboards and Dashboard Studio closer together and weaving in Dashboard Studio features from the two most recent Splunk Cloud Platform releases. 

This blog post covers the major dashboarding features included in Splunk Enterprise 9.2:

• Drilldowns: Link to Report & Link to Search
• Trellis for Single Value visualizations 
• Workflow actions support for Events viewer 
• Bigger code editor for manually changing source code 
• Post conversion report when converting from Classic to Studio 

Splunk Enterprise 9.2 will also include panel show/hide for Grid layout and the ability to save reports from the Reports or Search pages to Dashboard Studio. 

Panel Show/Hide in Grid layout

Conditionally showing or hiding a panel in a dashboard is a great way to limit how much information a user has to view when they first load the dashboard. It allows you to construct a dashboard that progressively discloses more information as needed. For example, you could have a pie chart showing the most common errors, that when clicked on, displays an accompanying table with more detailed information about those errors. 

Conditional panel show/hide was first released for Absolute layout in Splunk Enterprise 9.1. You can read more about it in this blog post. Now, we have added support for panel show/hide in Grid layout. For both Absolute and Grid layout, we currently only support hiding the panel when there is no data to show. For more complex logic, check out this blog post or the Examples Hub in your Splunk instance for some examples. 

A key difference between Absolute layout and Grid layout is that in Absolute layout, the panel simply disappears, no other panels move or resize when that happens. However, in Grid layout, the surrounding panels will adjust their size to fill the empty space left by a hidden panel. This is more akin to what you may be familiar with in Classic dashboards. 

Save From Reports 

Reports, or saved searches, are a great way to reuse SPL across multiple dashboards, and make it easy to update SPL across multiple dashboards at once. If those reports are scheduled, they can also help reduce resource consumption. 

Previously, if you wanted to add a report to your Studio dashboard, you had to do so through source, using the following syntax: 

"reportNoScheduleNoRefresh": {
  "type": "ds.savedSearch",
  "options": {
    "ref": "Top 100 sourcetypes in the last 24 hours",
    "app": "search"
  }
},

Now, users can add reports from the Reports or Search page. When viewing a report in the Reports page, or by opening it in Search, users can follow a similar workflow as when they add an ad-hoc search to a dashboard, by selecting whether they want to add the report to a new or existing dashboard. If adding to a new dashboard, they'll have the choice between a Classic or Studio dashboard. If adding to an existing dashboard, they'll be presented with a list of all the Classic and Studio dashboards they have access to. 

Similar to Classic dashboards, if a report's SPL is updated, it will update automatically in the Studio dashboard as well. However, if a report's visualization is updated, it will not update in Dashboard Studio. Users have the freedom to choose a different visualization for that report in their dashboard. 

Coming Soon

Check out Dashboard Studio and send in your feedback through Splunk Ideas, and you might see your feature request listed on a future blog's "coming soon" list! We are continuing to work on new capabilities, which are delivered incrementally with Splunk Cloud Platform and Splunk Enterprise releases. 

Next up is ….

• Trellis for axes charts 
• Additional conversion improvements 
• Scheduled Export 

Helpful Resources

• Dashboard Studio demo 
• Dashboard Studio Blogs - Catch up on our other recent updates with Studio
• Dashboard Studio Tutorial
• Improving Dashboard Performance and Resource Usage Tech Talk
• Splunk Dashboard Studio Documentation
• Splunk Ideas - Dashboard Studio for feature or enhancement Requests
• Examples Hub - Find the Examples Hub from the Dashboards page in Search & Reporting
• Splunk Community - Dashboards & Visualizations for questions
  
  

^{* This information is subject to change at any time, at the sole discretion of Splunk LLC and without notice. This roadmap information shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation to either develop or deliver any product, features, or functionality described here.}