Canary | Tech Questions
Canary is an app that you install into Splunk that implements its own extensible user interface and dashboarding system. Canary and other apps can thus contain views authored in the Sideview XML or in the new Canary XML or YAML, and Canary’s systems can render those views in those apps as interactive user interfaces for Splunk’s end users. It has been in development for many years. It is a descendant of Sideview Utils, but whereas Sideview Utils ran on top of Splunk’s “Advanced XML” systems, Canary does not. Canary’s only dependencies on Splunk technology are:
Canary does not contain, import, or rely in any way on any Splunk code from Splunk’s old “Advanced XML” systems.
What’s missing or not built yet in the current version?
Canary makes no attempt to duplicate the functionality of the Admin section aka “Settings.” There is also no general-purpose search or reporting view at this time (although those will come).
How much of the ‘Advanced XML’ content out there will run in Canary?
This is a good question and one that’s hard to give a definite answer to. Almost certainly less than half of all “Advanced XML” out there in the world will run without any modification.
What is it built in?
Basically just ES6. There are no larger frameworks like React or Angular or Backbone here. It’s itself. It does use RequireJS and JQuery heavily. There are a couple of places that use some JQueryUI widgetry. For its client-side charting, it uses Chart.js. It uses some Mako, although not nearly as much as Sideview Utils did, and this may well be eliminated in a future release.