As per warning https://github.com/splunk/splunk-3D-graph-network-topology-viz/security/dependabot/appserver/static/visualizations/3d_graph_network_topology_viz/package-lock.json/three/open

update default.meta to export algorithms for use in other apps.

Currently using the algorithms: GraphLabelPropagation & GraphConnectedComponents cause errors when they are run outside the app.

I suggest the following fix to default.meta:

[algos]
access = read : [ * ], write : [ admin ]
export = system

After a year progress on the used libraries those moved from version 1.45 to 1.60 which could be good thing to update from https://github.com/vasturiano/3d-force-graph and test if the viz is working with that

App version: 1.3.0
Splunk version: 8.2
Issue description: Search bar not shown when loading dashboard "Graph Analysis Framework"

The underlying layout engine offers more tuning parameters that users want to adjust for their specific use case: https://github.com/vasturiano/3d-force-graph#force-engine-configuration , e.g. d3Force would be worth investigating of attraction and repulsion forces can be exposed with a numeric value text input or slider type of control into the custom viz format options.

Research about improving the stability and performance of the app to check if the initialisation of the 2 available renderers (2D and 3D) can be modified to have not both of them initialised to be switched, but to better initialise on demand when the switch happens and preventing of running a non-visible but resource consuming panel.

In certain situations nodes get coloured if source colour and destination color is different for the same node Id which causes wrong display results in the visualisation. Create a simple reproducible set to validate and investigate this behaviour to find out what fixes or workaround can help in this situation.

As a user I want to display a graph as directed graph with arrows drawn at the edges. The underlying library supports this in 3D mode, so it could be worth checking it out to add it easily: https://vasturiano.github.io/3d-force-graph/example/directional-links-arrows/

When I switch from 3D to 2D, the graph disappears and the error ReferenceError: Can't find variable: link_color is shown in the console.

Even if supporting Search Head Cluster (SHC), to avoid undesired warnings when installing the app in SHC Cloud deployments, re-package the app adding app.manifest.

More info

Hi team,
First of all allow me thank you for the great app you've built. I find it very useful.

I am facing an issue with it, where I am trying to explore the Eigencentrality within a large group of people (100+).
The resulting dataset contains around 1500 rows with src, dest, count and all the other necessary fields for the visualization.
I actually used the same queries that are available in the app OOTB for the centrality measures.

My problem is that if a use a "| sort - src" I get one result in the visualization. When I use a "|sort src" (i.e. ascending order) then I get different result in the visualization. I.e. different nodes are marked as "influential" or "prestigious" depending on the sort order.

Is this something to be concerned about or is it expected? I am not sure, but I think the results should always be the same, when trying to visualize the eigencentrality of the same group, regardless of the sort order.

Any ideas?

BTW, same thing can be tested if you change the sort order of the graph query of the OOTB dashboard called "graph_analysis_centrality". You will get two different pictures depending on the sort order.

Research about improving the stability and performance of the app to check if the initialisation of the 2 available renderers (2D and 3D) can be modified to have a throttling of the render loop (= how often the visualisation and the lay outing is happening). Typically there is a repeated interval loop that is called often and causes high resource consumption or even instability especially if more than one visualisations are run, e.g. on a dashboard. Either the rendererConfig OR the renderer() should give access to the behaviour of the threejs render system. Implement a "frame rate throttling option" in the viz format options, e.g. 60 frames per second, 30, 20 etc. so people could adjust for their given situation.

In order to drill down from the visulization to interact in a dashboard an added drill down behaviour would be great to set a dashboard token with the primary node information (typically the node id that was taken from the search results). Click on a node maintains the default viz behaviour but adds also the setting of a dashboard token.

when visualizing data it would be super helpful to have a toggle labels option for the nodes.

when exploring data through graphs/visualization to be able to quickly see a nodes name/value and then click on it to expand it in a new view with a token pass through would make this extremely powerful.

is that possible? It could almost be like some sort of minority report style interface for data set review which would be awesome!
thanks!

Update docs how to check for WebGL support in client browser, e.g. pointer to chrome://gpu/ etc. to have this available in README or splunkbase app docs.