How To Create Reports
Reports are an elegant way to represent any type of data. In our case, we see a lot of log-based information from various devices in our console. This data can sometimes become a nightmare to understand. So we have come up with a simple, yet effective, process to create reports within our console.
To create a report, follow these steps.
Getting to the ‘Reports’ Section
Click on the “Management” tab on the top left corner of the console.
You’ll now see a sub menu i.e. a drop down. Click on the option named “Repository”, as shown in the screenshot below:
You should now be able to see this view:
Creating a Report
You’re ready to create your first report! Click on the ‘+’ button on the top right corner. From the drop down menu, select the option named “Report”, as shown in the screenshot below:
We are greeted with the “New Report” Template.
Fill up the details in the visible sections of this form, namely:
Enter any name or identifier with which we would like to identify this report with. For now let’s name it “Sample Report”
File Name Suffix
Add another identifier for better searchability.
In this section, you can enter any text with the purpose of identifying this workbook in a simple glance from the repository view.
In this section, enter any text that summarizes the report and its purpose. For our example, we have written “This is a sample report for demo purpose.”
Just like web pages, we can add relevant tags or words for easy categorization of the report.
Choose between “active” or “inactive” to enable or disable the report as per the use case or requirements. The module is set to “active” by default.
Saving the Report
Once you’ve filled up these fields, you can either click on the “Save” button at the bottom of the page or click on the button “Add Section” to further add contents in the report.
Adding Contents to the Report
So let’s click on the “Add Section” button to add some interesting contents to our report. You should be able to see this screen:
Now for the fun part! We have to simply enter few values for the different fields which we will get from the “Section Type” drop down. So let’s begin adding them one by one as shown below:
In this section we can enter the name or title that we want our report to have. For this demo, we have entered the value “Sample Report”. Go ahead and click on the “Done” button at the top right to add our section. We are greeted with a “Section Page” with our added “Page Title” as shown below:
Page Sub Title
In this section, enter the name or sub-title that we want our report to have. In this examplem we have entered the value “Here we can enter the sub title”. Click on the “Done” button at the top right to finish adding the section. You should now be greeted with the “Section Page” with our added “Page Sub Title” as shown below:
In this section, enter any text that summarizes the module and its purpose. For our example, we have filled the description section with “This is the description area”. Click on the “Done” button at the top right to add this section. You should now be greeted with the “Section Page” with our added “Description” as shown below:
In this section, we can enter a number that represents the count of free rows as desired. For this example, we have entered the value “1” and clicked on the “Done” button at the top right to add this section. You should now be greeted with the “Section Page” with our added “Free Rows” as shown below:
Adding a Data Table to the Report
In this section, we can add the query using which we shall get relevant information as per our use case or requirement. For our ongoing example, we have entered a query that displays the Source IP Addresses which led to the log creation from “Web Servers” within the last hour. Here’s the query:
``` _fetch * from event where $LogType=WEBSERVER AND $Duration=1h group count_unique $SrcIP limit 20 ```
And here’s what the screenshot looks like.
One important point to note is that, whichever query we enter in this field , it should have a clause with the
$Duration field i.e. the query should be able to fetch data from within specified time intervals. Without this field, the report creation does not give an impressive view of the data for which the report is created.
Note - Each and every query should have a duration clause as shown in the example above.
Now let’s move ahead and click on the button named “Execute”, which executes the query and checks for syntax errors. Note that this button does not display the output of the query but just checks for syntax errors. If all is good, no errors are thrown and the buttons beside the “Execute” button get enabled. These buttons are “Add Column” and “Add Chart”.
Click on “Add Column” and we get presented with the following view:
The fields in this view are pretty straightforward and simple. Let’s run through their significance in brief:
- Column Type: The type of data present in the column. By default, it is set to “Field” which means the data in the column is in “text” format i.e., alphabets and numbers.
- Fields: A dropdown which lists the columns present in the output of the mentioned query. You can select the relevant one, which is
$SrcIP(Source IP Address) in our example.
- Rename: This section gives us the ability to rename the chosen column in the “Fields” section above to something which is humanly understandable. E.g. “Source IP Address” makes more sense than “$SrcIP” to people.
- Column Width: Set the width of the columns as per the aesthetic requirements of the table.
- Column Format: The format of the column chosen, which is set to “dataTableTextC“ by default. This field is not editable.
Also, we can add more columns to the table by clicking on the ‘+’ icon a shown below :
After we have filled all the required sections, it’s finally time to “Generate Table” by clicking on that button. This presents us with the output of our query as shown below:
Click on the “Done” button at the top right to complete. We have successfully created a table!
Adding a Chart to the Report
Now for the most fun part! Let’s add a chart by clicking on the “Add Chart” button.
The fields, as seen in the screenshot above, need to be filled in order to create a beautiful-looking chart.
- Chart Type: A dropdown to select the type of chart required. Options consist of “Horizontal Bar Chart”, “Vertical Bar Chart” and “Pie Chart”.
- Label Field: A dropdown that lists the columns present in the output of the mentioned query. We have to select the relevant one (which is
$SrcIPin our example).
- Value Field: A dropdown that lists the values present in the output of the mentioned query. We have to select the relevant one, which is count_unique in our example. Note that this section needs to have those columns for which a relation exists with the column mentioned in the “Label Field”
- Title Text: Enter a title for our new chart.
- X-Axis Label: Enter a text/label to represent the data on the horizontal axis.
- Y-Axis Label : Enter a text/label to represent the data on the vertical axis.
Now we can preview our chart, which will get created as per our values entered earlier. To do this, click on “Preview”.
To make changes, click on “Back” button to go back and edit the fields discussed earlier and preview the changes before saving the report. If you are happy with the changes, move ahead and click on the “Save” button at the bottom of the page.
We can now go ahead and click on “Done” at the top right of our “Section View” as seen earlier.
And by following these steps, we have successfully created an awesome report for our use.