How to generate drop-down list of values from a re...

deepthi5 · ‎07-27-2015

I have a search like this:

source="C:\\Budapest Router1full.csv" host="SEZ00VVM-153"   sourcetype="csv" date_wday!=saturday AND date_wday!=sunday| rex field=source "(?<country>.*?)$"| lookup datacentre.csv country OUTPUT start_hour end_hour receivebandwidth |where date_hour>=start_hour AND date_hour<= end_hour | eval Intraffic=IN/1048576 |timechart  span=1d perc95(Intraffic) AS 95thPercentile ,values(receivebandwidth) as MaxIN-Bandwidth

source="C:\\Adelaida Full.csv" host="SEZ00VVM-153"   sourcetype="csv" date_wday!=saturday AND date_wday!=sunday| rex field=source "(?<country>.*?)$"| lookup datacentre.csv country OUTPUT start_hour end_hour receivebandwidth |where date_hour>=start_hour AND date_hour<= end_hour | eval Intraffic=IN/1048576 |timechart span=1mon  perc95(Intraffic) AS 95thPercentile ,values(receivebandwidth) as MaxIN-Bandwidth

I am extracting the Source as country name and saving it in the country field using rex. Now I want to create a drop-down with the country names, so whenever I select a country name, that search command should run. Can someone help me?

Also, how do I add a time range picker to this for each panel. For example, I want to run budaleda for last 7 days, whereas adelaide the last 3 months?

Please help me

lguinn2 · ‎07-27-2015

This page in the documentation contains information about both creating drop-downs in a form, and on setting time inputs for each panel.
Form examples

However, you might find the Splunk 6.x Dashboard Examples app useful as well.

How to generate drop-down list of values from a rex extracted field and add a time range picker to each panel?

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!