Dropdown filter

pb2 · ‎10-04-2020

Want to have a drop down filter which is filled dynamically .

Filter should have the following options :

1. Latest 5 Numbers

2. Latest 10 Numbers

3 . Latest 15 Numbers

These numbers should be populated by some time field .

there is a time field existing and last 5 numbers should be queried out according to time and according the dropdown should be grouped as last 5 numbers , last 10 numbers and last 15 numbers ..

gcusello · ‎10-04-2020

Hi @pb2,

you could create a dropdown like this:

    <input type="dropdown" token="my_token">
      <label>Values</label>
      <choice value="| head 5">Latest 5 Numbers</choice>
      <choice value="| head 10">Latest 10 Numbers</choice>
      <choice value="| head 15">Latest 15 Numbers</choice>
      <default>| head 5</default>
      <search>
        <query>
        </query>
        <earliest>0</earliest>
        <latest></latest>
      </search>
    </input>

Then run a search like this (obviously to adapt to your need):

your_search
| stats count BY host
| sort -count
$my_token$

Ciao.

Giuseppe

richgalloway · ‎10-04-2020

Please be more specific about your requirements and what you want to see on the dashboard.

In my mind, the last 5 numbers are ♾, ♾-1, ♾-2, ♾-3, and ♾-4, but they're not very useful in Splunk so perhaps you're thinking of 5 other numbers.

---
If this reply helps you, Karma would be appreciated.

Dropdown filter

form

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!