@gcusello is there a way I can assign a token with entire search query including the wild card characters.

<input type="dropdown" token="" searchWhenChanged="true">

<choice value="1">xxxxx</choice>

<choice value="2">yyyyy</choice>

<change>

      <condition value="1">

          <set token="search_query">

index=ssss "<base search criteria>" | rex command to execute 2 fields | eval for date time conversion | timechart | eval to validate range to find if the count was in expected range

</set>  ------- code breaks here with error - Unexpected close tag

Basically the rex which has wild card character search is the cause for the error. Am trying to find which is the character that I should escape. Struggling to figure out as I have all characters in there _,.*()\ etc., Any help in this regard would be much appreciated

I am not sure if I have conveyed my question right. I mean to write code for just one panel which is capable of displaying based on the requirement. I don't want to  write too many queries/lines of code which will make it hard to maintain when the number of options in the dropdown is expected to exceed beyond 20!

are you saying that I need to have hardcoded panels set and just set or unset token based on the value selected. Is that right! What I mean is I will have one panel which caters to the need of displaying based on selected value "index=population name=<$dropdownvalue> | timechart count sum(people) span=1d" and remaining 5 panels with 5 different queries "index=population name='USA' | timechart count sum(people) span=1d" and 4 more with respective name. Based on the value selected set/unset token to get required detail! 

You would only need a single base search to do the initial query, but then every other panel would use that base search then use a | where clause to filter out only the data for that panel.

However, @ITWhisperer solution would seem like a far easier option - does that not work for you?

I wish what am trying to achieve is as simple as I conveyed. I did try setting a base query and then tried rebuilding query based on panel. However this is again adding too many panels to get the right query to be executed. I stumbled upon this discussion "https://community.splunk.com/t5/Dashboards-Visualizations/How-to-display-dashboard-panels-dynamicall... . Here search query is set based on change of dropdown value and in the panel just execute to visualise the chart with right values(referring to the solution by gyslainlatsa)

. However when I tried doing the same, I am getting an error which says unexpected close tag. I also noticed later that it was a very old thread with reference links broken.  Any idea how I can achieve this in latest version. 

My search query I am trying to set as token on condition value looks like this:

index=ssss "<base search criteria>" | rex command to execute 2 fields | eval for date time conversion | timechart | eval to validate range to find if the count was in expected range

Basically the rex which has wild card character search is the cause for the error. Am trying to find which is the character that I should escape. Struggling to figure out as I have all characters in there _,.*()\ etc., Any help in this regard would be much appreciated

Hi @sdkp03,

as I said, yes it's possible, see in the above app how to hide or display a panel in a dashboard based on a condition (e.g. a token).

Ciao.

Giuseppe