Dashboard that takes one input(field) and then det...

Patrunner · ‎10-14-2024

Anyone have a tip on how to have a token(from field)- and then determine which query to run based on that input?

For example
(datasources/queries: fruit, meat, vegetable)

Field: banana
->run query for fruit
->display table about banana from said query.

Struggling with this one- trying to make a dynamic search bar that populates tables based on the input- thus making multiple of my dashboard redundant. Slimming things down.

Patrunner · ‎10-17-2024

Thanks for the reply, however Im not quite looking for an alternative solution. Im wondering if this is something splunk is capable of.

richgalloway · ‎10-17-2024

Another option perhaps closer to what you seek is to have each input set a token with the appropriate query string. Then the search will just invoke that token.

For instance, if "banana" is selected, then the input token's <change> element might set a token called $query$ to what is needed to search for fruit. The <query> element then becomes simply

<query>$query$</query>

---
If this reply helps you, Karma would be appreciated.

richgalloway · ‎10-14-2024

One approach is to have a separate panel for each search then have the selected token make the appropriate panel appear.

---
If this reply helps you, Karma would be appreciated.

Dashboard that takes one input(field) and then determines which query to run?

Dashboard Studio

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

What’s New in Splunk Observability – September 2025

Fun with Regular Expression - multiples of nine

Are you a member of the Splunk Community?

Dashboard that takes one input(field) and then determines which query to run?

Dashboard Studio

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

What’s New in Splunk Observability – September 2025

Fun with Regular Expression - multiples of nine