Dashboard
Apache Web Traffic Overview Dashboard
0 0
Description
Every web team needs a fast way to answer the basics: how much traffic hit the site, what’s breaking, and who or what is driving the spikes. This dashboard is built for that exact moment — a quick, reliable view into Apache access traffic without custom data models or heavy setup.
What it’s for: daily web health checks, incident triage, and quick investigations after a spike in errors or latency complaints. You can tell at a glance whether traffic is up or down, if error rates are climbing, which endpoints are hot, and which clients or referrers are behind the load.
What to expect: the panels give you volume trends, response code mix, error rate %, pageviews, unique views, visitor and hit counts, top endpoints (including 404s), top client IPs, bandwidth-heavy routes, referrers, HTTP methods, and geographic coverage by country.
Field expectations:
status, uri_path, clientip, bytes, referer, and method (or http_method). The country panels rely on clientip plus Splunk's iplocation lookup.
<form version="1.1" theme="light">
<label>Apache Web Traffic Overview</label>
<description>12-panel operational dashboard for Apache access_combined traffic with trends, top talkers, and geographic distribution.</description>
<fieldset submitButton="false">
<input type="time" token="time">
<label></label>
<default>
<earliest>-1d@d</earliest>
<latest>@d</latest>
</default>
</input>
</fieldset>
<row>
<panel>
<title>Error Rate %</title>
<single>
<search>
<query>index=* sourcetype=access_combined | stats count as total sum(eval(status>=400 AND status<600)) as errors | eval error_rate=round(errors/total*100,2) | fields error_rate</query>
<earliest>$time.earliest$</earliest>
<latest>$time.latest$</latest>
</search>
<option name="colorBy">value</option>
<option name="colorMode">block</option>
<option name="rangeColors">["0x555","0x555"]</option>
<option name="rangeValues">[0]</option>
<option name="useColors">1</option>
</single>
</panel>
<panel>
<title>Pageviews</title>
<single>
<search>
<query>index=* sourcetype=access_combined | stats count as pageviews</query>
<earliest>$time.earliest$</earliest>
<latest>$time.latest$</latest>
</search>
<option name="colorBy">value</option>
<option name="colorMode">block</option>
<option name="rangeColors">["0x53a051","0x118832"]</option>
<option name="rangeValues">[0]</option>
<option name="useColors">1</option>
</single>
</panel>
<panel>
<title>Unique Views</title>
<single>
<search>
<query>index=* sourcetype=access_combined | stats dc(clientip)</query>
<earliest>$time.earliest$</earliest>
<latest>$time.latest$</latest>
</search>
<option name="colorBy">value</option>
<option name="colorMode">block</option>
<option name="rangeColors">["0x1182f3","0x1182f3"]</option>
<option name="rangeValues">[0]</option>
<option name="useColors">1</option>
</single>
</panel>
</row>
<row>
<panel>
<title>Requests Over Time</title>
<chart>
<search>
<query>index=* sourcetype=access_combined | timechart span=5m count</query>
<earliest>$time.earliest$</earliest>
<latest>$time.latest$</latest>
</search>
</chart>
</panel>
<panel>
<title>Response Codes Over Time</title>
<chart>
<search>
<query>index=* sourcetype=access_combined | timechart span=5m count by status limit=10</query>
<earliest>$time.earliest$</earliest>
<latest>$time.latest$</latest>
</search>
</chart>
</panel>
</row>
<row>
<panel>
<title>Visitors and Hits</title>
<chart>
<search>
<query>index=* sourcetype=access_combined | timechart span=15m dc(clientip) as "Unique Visitors" count as "Hits"</query>
<earliest>$time.earliest$</earliest>
<latest>$time.latest$</latest>
</search>
<option name="charting.chart.stackMode">stacked</option>
</chart>
</panel>
</row>
<row>
<panel>
<title>Traffic by Country</title>
<table>
<search>
<query>index=* sourcetype=access_combined | iplocation clientip | stats count by Country | sort - count</query>
<earliest>$time.earliest$</earliest>
<latest>$time.latest$</latest>
</search>
<option name="drilldown">cell</option>
<option name="refresh.display">progressbar</option>
</table>
</panel>
<panel>
<map>
<search>
<query>index=* sourcetype=access_combined | iplocation clientip | geostats count</query>
<earliest>$time.earliest$</earliest>
<latest>$time.latest$</latest>
<sampleRatio>1</sampleRatio>
</search>
<option name="drilldown">none</option>
<option name="mapping.choroplethLayer.colorBins">5</option>
<option name="mapping.choroplethLayer.colorMode">auto</option>
<option name="mapping.choroplethLayer.maximumColor">0xaf575a</option>
<option name="mapping.choroplethLayer.minimumColor">0x62b3b2</option>
<option name="mapping.choroplethLayer.neutralPoint">0</option>
<option name="mapping.choroplethLayer.shapeOpacity">0.75</option>
<option name="mapping.choroplethLayer.showBorder">1</option>
<option name="mapping.data.maxClusters">100</option>
<option name="mapping.legend.placement">bottomright</option>
<option name="mapping.map.center">(0,0)</option>
<option name="mapping.map.panning">1</option>
<option name="mapping.map.scrollZoom">0</option>
<option name="mapping.map.zoom">2</option>
<option name="mapping.markerLayer.markerMaxSize">50</option>
<option name="mapping.markerLayer.markerMinSize">10</option>
<option name="mapping.markerLayer.markerOpacity">0.8</option>
<option name="mapping.showTiles">1</option>
<option name="mapping.tileLayer.maxZoom">7</option>
<option name="mapping.tileLayer.minZoom">0</option>
<option name="mapping.tileLayer.tileOpacity">1</option>
<option name="mapping.type">marker</option>
<option name="refresh.display">progressbar</option>
<option name="trellis.enabled">0</option>
<option name="trellis.scales.shared">1</option>
<option name="trellis.size">medium</option>
</map>
</panel>
</row>
<row>
<panel>
<title>Top Endpoints</title>
<table>
<search>
<query>index=* sourcetype=access_combined | stats count as requests by uri_path | sort - requests | head 10</query>
<earliest>$time.earliest$</earliest>
<latest>$time.latest$</latest>
</search>
</table>
</panel>
</row>
<row>
<panel>
<title>Top 404 Endpoints</title>
<table>
<search>
<query>index=* sourcetype=access_combined status=404 | stats count as requests by uri_path | sort - requests | head 10</query>
<earliest>$time.earliest$</earliest>
<latest>$time.latest$</latest>
</search>
</table>
</panel>
<panel>
<title>Top Client IPs</title>
<table>
<search>
<query>index=* sourcetype=access_combined | stats count as requests by clientip | sort - requests | head 10</query>
<earliest>$time.earliest$</earliest>
<latest>$time.latest$</latest>
</search>
</table>
</panel>
</row>
<row>
<panel>
<title>Bandwidth by Endpoint (MB)</title>
<table>
<search>
<query>index=* sourcetype=access_combined | stats sum(bytes) as bytes by uri_path | eval mb=round(bytes/1024/1024,2) | fields uri_path mb | sort - mb | head 10</query>
<earliest>$time.earliest$</earliest>
<latest>$time.latest$</latest>
</search>
</table>
</panel>
<panel>
<title>Top Referrers</title>
<table>
<search>
<query>index=* sourcetype=access_combined | stats count as requests by referer | sort - requests | head 10</query>
<earliest>$time.earliest$</earliest>
<latest>$time.latest$</latest>
</search>
</table>
</panel>
</row>
<row>
<panel>
<title>HTTP Methods</title>
<chart>
<search>
<query>index=* sourcetype=access_combined | eval http_method=coalesce(method, http_method) | stats count by http_method | sort - count</query>
<earliest>$time.earliest$</earliest>
<latest>$time.latest$</latest>
</search>
</chart>
</panel>
</row>
</form>
Comments
0 total
Be the first to comment on this dashboard.
Leave a comment
You must log in to post a comment.