How do I create dependent dropdowns/filters?

borolen · ‎07-26-2022

I have 3 filters for servers like this: (the tokens from these filters are used in the query)

Server1 : Bridge_API, Bridge_UAT, Bridge_UAT_API

Server2: PG_API, PG_UAT, PG_UAT_API

Server 3: PA_API, PA_UAT, PA_UAT_API

When I select a server type from any of the dropdown for e.g. if I select Bridge_API from Server1 dropdown, the other filters should switch to *_API and query the data. (if I select a server from the Server 2, the corresponding suffix server should be updated)

Similarly for Bridge_UAT others should switch to PG_UAT and PA_UAT.

How can I achieve this?

gcusello · ‎07-26-2022

Hi @borolen,

if the value of the second and third dropdown is only one after the first choice, why do you use a dropdown for 2 and 3?

You could put these information in alookup and use it after the first choice.

If instead after the first choice (e.g. server1) you could have more values for dropdown 2 and 3, you have to create a search using the token from dropdown 1, e.g. something like this:

  <fieldset submitButton="false">
    <input type="dropdown" token="dropdown1">
      <label>Dropdown 1</label>
      <search>
        <query>
           index=your_index 
           | dedup field1
           | sort field1
           | table field1
        </query>
        <earliest>-24h@h</earliest>
        <latest>now</latest>
      </search>
      <choice value="*">All</choice>
      <prefix>field1="</prefix>
      <suffix>"</suffix>
      <fieldForLabel>field1</fieldForLabel>
      <fieldForValue>field1</fieldForValue>
    </input>
    <input type="dropdown" token="dropdown2">
      <label>Dropdown 2</label>
      <search>
        <query>
           index=your_index field1=$dropdown1$
           | dedup field2
           | sort field2
           | table field2
        </query>
        <earliest>-24h@h</earliest>
        <latest>now</latest>
      </search>
      <choice value="*">All</choice>
      <prefix>field2="</prefix>
      <suffix>"</suffix>
      <fieldForLabel>field2</fieldForLabel>
      <fieldForValue>field2</fieldForValue>
    </input>
    <input type="dropdown" token="dropdown3">
      <label>Dropdown 1</label>
      <search>
        <query>
           index=your_index field1=$dropdown1$ field2=$dropdown2$
           | dedup field3
           | sort field3
           | table field3
        </query>
        <earliest>-24h@h</earliest>
        <latest>now</latest>
      </search>
      <choice value="*">All</choice>
      <prefix>field3="</prefix>
      <suffix>"</suffix>
      <fieldForLabel>field3</fieldForLabel>
      <fieldForValue>field3</fieldForValue>
    </input>
   </fieldset>

Ciao.

Giuseppe

borolen · ‎07-27-2022

Hi @gcusello ,

I do not have more values for server 2, server 3. The values are static for dropdowns. I just have to make the others consistent with the suffix of one I have selected.

I don't have different fields like field1, field2 etc. All these are are the same field as sourcetype. Also, I want the update to be bidirectironal ie.e if I select from dropdown 2 it should reflect in the other dropdowns

gcusello · ‎07-27-2022

Hi @borolen,

as I said, if after the first dropdown choice, you have only one static value for the second and third dropdown, you don't need tu use dropdows, but you can take these values from the search or from a lookup, so your interfase is easier to use (your users have to use only one input!).

Ciao.

Giuseppe

How do I create dependent dropdowns/filters?

form

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!