thanks renjith
last question
why you have deleted : + " / " + NbIndHost + " machines "?
I need to keep this piece of code and to color it in blue
is it possible??

As mentioned above, single value customization works on numeric values. So if you add the strings to that, then the formatting can not be done.
One option is to use under label option and set the value there. I have updated the answer with that option.
If that's not what you are looking for, then you might need to use either the Status Indicator App or css/js solutions

thanks renjith

hi
i just have an issue with

/ $NbIndHost$ machines
the token doesnt works (see screenshot)
https://www.cjoint.com/c/IGdhqOOpLLd

have you an idea??

@jip31,

As mentioned in the above XML, have you added this part in search tag?

   <latest>now</latest>
            <done>
                      <set token="NbIndHost">$result.NbIndHost$</set>
            </done>
          </search>

Yes
you can see my xml

[| inputlookup host.csv
| table host] index="ai-wkst-wineventlog-fr" sourcetype=XmlWinEventLog source="XmlWinEventLog:System" EventCode=* (Level=1 OR Level=2 OR Level=3)
| dedup host
| lookup lookup_cmdb_fo_all.csv HOSTNAME as host output SITE
| search SITE=$tok_filtersite|s$
| stats dc(host) as NbEventCodeHost
| appendcols
[| inputlookup host.csv
| lookup lookup_cmdb_fo_all.csv HOSTNAME as host output SITE
| search SITE=$tok_filtersite|s$
| stats dc(host) as NbIndHost
]
| eval Perc=round((NbEventCodeHost/NbIndHost)*100,2)
| table Perc
-30d@d
now
$result.NbIndHost$


block
["0x65a637","0xf1813f","0xd93f3c"]
[5,25]
progressbar
absolute
%
1
/ $NbIndHost$ machines

Not able to see the xml. can you put them in code to avoid the xml truncate?

HERE IS THE CODE

"You dont need to use Capital letters , "just saying"

in your search , you missed to add NbIndHost with the table command which is in the actual XML I pasted

i.e.

    | table Perc,NbIndHost

oh sorry its exact
I didnt see that you added this in table
thanks

But I found a second issue

$result.NbIndHost$ is linked to a dropdown list like you can see in `| search SITE=$tok_filtersite|s$ `

but when I am doing a choice in | search SITE=$tok_filtersite|s$ the result in $result.NbIndHost$ doesnt change
Have you an idea please??

Updated the answer to change the token name just to avoid confusions

token name has been changed from NbIndHost to NbInd_Token

Regarding your question, when you change the token , does the value under the field NbIndHost change? You can view that by opening the search

like this is correct!

is it working for you or do you have still issues?

its ok thanks!

<panel>
      <title>TEST</title>
      <single>
        <title>TEST</title>
        <search>
          <query>[| inputlookup host.csv 
    | table host] index="ai-wkst-wineventlog-fr" sourcetype=XmlWinEventLog source="XmlWinEventLog:System" EventCode=* (Level=1 OR Level=2 OR Level=3) 
| dedup host 
| lookup lookup_cmdb_fo_all.csv HOSTNAME as host output SITE 
| search SITE=$tok_filtersite|s$ 
| stats dc(host) as NbEventCodeHost 
| appendcols 
    [| inputlookup host.csv 
    | lookup lookup_cmdb_fo_all.csv HOSTNAME as host output SITE 
    | search SITE=$tok_filtersite|s$ 
    | stats dc(host) as NbIndHost 
        ] 
| eval Perc=round((NbEventCodeHost/NbIndHost)*100,2)
| table Perc</query>
          <earliest>-30d@d</earliest>
          <latest>now</latest><done>
                       <set token="NbIndHost">$result.NbIndHost$</set>
             </done>
        </search>
        <option name="colorMode">block</option>
        <option name="rangeColors">["0x65a637","0xf1813f","0xd93f3c"]</option>
        <option name="rangeValues">[5,25]</option>
        <option name="refresh.display">progressbar</option>
        <option name="trendDisplayMode">absolute</option>
        <option name="unit">%</option>
        <option name="useColors">1</option>
        <option name="underLabel">/ $NbIndHost$ machines</option>
      </single>
    </panel>