Each panel on a dashboard has a Splunk Search at its origin. The search you created for the server up time has fields that you can display in a table or chart, or you can pull specific values out of that search result and display it using tokens.

So however you are going to display it... it must begin with some kind of search. If you would like the applications on each server to display dynamically (i.e. when someone drills down on each server) then you'll be taking the server name/address value and passing it via token to the second search so that you are listing the apps from a particular server. In order to do that there are several ways one might use that server value. The most straight forward would be using the search server=$tok_blah$ example. where the value of the token is used as a filter in your second search. So It might look like index=foo |search server=$tok_blah$|stats count by application_name Or you might say instead `index=foo|stats list(application_name) by $tok_blah$

You'll want to look here: doc on tokens and dashboards
And here: which discusses contextual drilldowns in dashboards

Hopefully this will help get you started in the right direction.