Hello, I'm trying to make my dashboard more dynamic where the color of a panel can change based on the search results. For example, I want the panel to be green if no errors come in, and then if an error comes up, then it turns red. So far, I have set up a default value for the token and am able to change the token using a user input dropdown. So I can get the panel to change colors based on user input, but am unable to do so automatically when an error comes up. Your help is much appreciated!
Here is the query I am using:
index=index
| eval $colorTest2$=case(payload.status=="400 BAD_REQUEST", "#d41f1f")
| rename payload.status as statuscode
| stats count by statuscode
Here is the code for the panel:
{
"type": "splunk.column",
"dataSources": {
"primary": "ds_BaNWItWC_ds_A6hQFC1Q_ds_Aa7DGgzs_ds_DNwXAJTk_ds_FegrLP62"
},
"showProgressBar": false,
"showLastUpdated": false,
"title": "Status Codes Chart",
"options": {
"dataValuesDisplay": "all",
"seriesColors": [
"$colorTest2$"
]
},
"eventHandlers": [],
"context": {}
}
Here is the code for the dropdown input:
{
"options": {
"items": [
{
"label": "Green",
"value": "#118832"
},
{
"label": "Red",
"value": "#d41f1f"
}
],
"token": "colorTest2",
"selectFirstSearchResult": true
},
"title": "Color Picker Test",
"type": "input.dropdown"
}
