While searching with time range, timestamp append 5:30 UTC time in query. I don't want to append 5:30
using '$tokEarliest1$' and '$tokLatest1$' in search query.
Below are the code-
<form theme="dark">
<label>CIS Usage Dashboard - Event Rate</label>
<search>
<query> |makeresults
</query>
<earliest>$timepicker.earliest$</earliest>
<latest>$timepicker.latest$</latest>
<progress>
<eval token="tokEarliest">strptime($job.earliestTime$,"%Y-%m-%dT%H:%M:%S.%3N%z")</eval>
<eval token="tokLatest">strptime($job.latestTime$,"%Y-%m-%dT%H:%M:%S.%3N%z")</eval>
<eval token="tokEarliest1">strftime(tokEarliest,"%Y-%m-%d %H:%M:%S.%3N")</eval>
<eval token="tokLatest1">strftime(tokLatest,"%Y-%m-%d %H:%M:%S.%3N")</eval>
</progress>
</search>
<description>draft event ingestion rate by wfm at day or hour level</description>
<fieldset submitButton="true" autoRun="false">
<input type="time" token="timepicker" searchWhenChanged="false">
<label>Time Range</label>
<default>
<earliest>-24h@h</earliest>
<latest>now</latest>
</default>
</input>
<input type="dropdown" token="stack">
<label>Select the Stack</label>
<choice value="cust01">Kronos Customer Stack (CUST)</choice>
<default>cust01</default>
<initialValue>cust01</initialValue>
<fieldForLabel>stack</fieldForLabel>
<fieldForValue>stack</fieldForValue>
</input>
<input type="dropdown" token="env" searchWhenChanged="true">
<label>Environment</label>
<fieldForLabel>env</fieldForLabel>
<fieldForValue>env</fieldForValue>
<default>prd01</default>
<search>
<query>index=cust-prd-wfd-wfl-*
|eval env = mvindex(split(host, "-"), 1)
| stats count by env</query>
<earliest>-15m</earliest>
<latest>now</latest>
</search>
</input>
<input type="dropdown" token="cluster">
<label>Select the WFM Cluster</label>
<fieldForLabel>cluster</fieldForLabel>
<search>
<query>index=*-wfd-wfm-ilb
| rex field=host "\w+\d{2}\-(?<env>\w+)\-ins\d+\-(?<cluster>wfm\d+)"|search host="*$env$*"
| stats count by cluster
| fields cluster</query>
<earliest>-15m</earliest>
<latest>now</latest>
</search>
<fieldForValue>cluster</fieldForValue>
<choice value="">All</choice>
<default>All</default>
</input>
<input type="dropdown" token="timespan">
<label>Time Span</label>
<choice value="1h">Hour</choice>
<choice value="1d">Day</choice>
<initialValue>1d</initialValue>
</input>
</fieldset>
<row>
<panel>
<search id="basedatesearch">
<query>| koogledimen service=WFMPPASQuery action=QueryAllWFMAtOnce scope="cust01-$env$" query="select date(created_timestamp) , sum(case when status = 1 then 1 else 0 end) as success,
sum(case when status = 0 or status = 2 and dispatch_count < 4 then 1 else 0 end) as processing,
sum(case when status = 2 and dispatch_count = 4 then 1 else 0 end) as error
from domain_event_listener_status where listener_id='CIS_PUSH_LISTENER' and created_timestamp >= '$tokEarliest1$' and created_timestamp <= '$tokLatest1$' group by date(created_timestamp)"| eval envstatus=if(like(scope, "%$env$%"), 1, 0)| eval wfmstatus=if(like(scope, "%$cluster$%"), 1, 0)| where envstatus=1 and wfmstatus=1
</query>
<earliest>-24h@h</earliest>
<latest>now</latest>
</search>
<title>Events Count by WFM - Success</title>
<chart>
<search base="basedatesearch">
<query> | chart sum(success) by date,scope</query>
</search>
<option name="charting.axisTitleX.text">WFM</option>
<option name="charting.axisTitleY.text">Event Counts</option>
<option name="charting.chart">line</option>
<option name="charting.drilldown">none</option>
<option name="refresh.display">progressbar</option>
</chart>
</panel>
</row>
</form>
Have any solution for this ?
