Dashboards & Visualizations

Dynamically Appending OR Clauses Based on Form Input

kwailo
Explorer

Based on form input (e.g. the state of multiple checkboxes) I would like to build a search query comprised of multiple OR clauses.
For example:
Given 3 checkboxes: "USA", "Canada", "Mexico", I'd like to dynamically build a query that contains any of the above countries, like so:

source="abc" country="USA" OR country="Canada" OR country="Mexico"

If, for example, the "Canada"checkbox is unchecked, the country's name will be omitted from the search query, like so:

source="abc" country="USA" OR country="Mexico"

What would be the correct mechanism to use to achieve this functionality?

Tags (1)
0 Karma
1 Solution

martin_mueller
SplunkTrust
SplunkTrust

Then you can do the same thing as I suggested in the linked question - start with a neutral term that matches nothing, and append "OR country=value" for each checkbox.

View solution in original post

martin_mueller
SplunkTrust
SplunkTrust

Then you can do the same thing as I suggested in the linked question - start with a neutral term that matches nothing, and append "OR country=value" for each checkbox.

kwailo
Explorer

When no checkbox is checked, the search should return no countries. I will edit the question to clarify.

0 Karma

martin_mueller
SplunkTrust
SplunkTrust

When no checkbox is checked - is the search supposed to return all countries or nothing?

Note, here's a similar question asked recently: http://answers.splunk.com/answers/116083/multiple-or-tokens-in-a-simple-form-not-working-as-expected

Get Updates on the Splunk Community!

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...