what's the search you used in the Glass table?

>>> I have not create any additional search query , I have created few services along with KPI.. and simple used Data source in Line chart. Expecting data should directly visible.

When I tried to display the ITSI data in a dashboard I built a lookup with the service decomposition and I used it to associate the kpi data from itsi_summary index to the services. 

>> Can you elaborate this process. 

Let me explain my scenario : 

I am working on a use-case development task where I have created a network hierarchy.
At the base level, I added Mumbai router, Mumbai core, Bangalore router, and Bangalore core devices with KPIs such as CPU and memory usage.
Then I created separate Mumbai and Bangalore services — the Mumbai service is associated only with Mumbai devices, and the Bangalore service only with Bangalore devices — pulling the service health score.
Finally, I created a main network service at the top level that is associated with the location services.
Now I want to showcase the separate health status along with the KPIs and also display the cumulative health score at the top level

Hi @Namdev ,

to work on Glass tables or dashboards you have to create a search the quesies the itsi_summary index to take the KPIs to display in the Glass Table.

But in the itsi_summary index, services are listed by serviceid and there isn't the service decomposition that you have to rebuild it using a search.

In other words, you have to run something like this (I don't know how many levels you have) to create a lookup that contains for all the services of your decomposition: serviceid and title: 

| getservice 
| fields serviceid title serv*dep*
| fillnull services_depending_on_me
| search services_depending_on_me=0
| makemv delim="serviceid=" services_depends_on
| mvexpand services_depends_on
| rex field=services_depends_on mode=sed "s/~~~.*//g"
| rename services_depends_on as stage2 title as stage1_title
| join stage2 type=left
    [| getservice
    | rename serviceid as stage2 
    | fields stage2 title services_depends_on]
| rename services_depends_on as stage3 title as stage2_title| makemv delim="serviceid=" stage3
| mvexpand stage3
| rex field=stage3 mode=sed "s/~~~.*//g"
| join stage3 type=left
    [| getservice
    | rename serviceid as stage3
    | fields stage3 title services_depends_on]
| rename services_depends_on as stage4 title as stage3_title| makemv delim="serviceid=" stage4
| mvexpand stage4
| rex field=stage4 mode=sed "s/~~~.*//g"
| join stage4 type=left
    [| getservice
    | rename serviceid as stage4
    | fields stage4 title services_depends_on]
| rename services_depends_on as stage5 title as stage4_title| makemv delim="serviceid=" stage5
| mvexpand stage5
| rex field=stage5 mode=sed "s/~~~.*//g"

 Ciao.

Giuseppe