Below search form - prevent the user from entering "wildcard " inputs in the text field.
- if user entera any wildcard or blank value in text field - it will show error message.
Now, in this form I wanted to allow the user to do wildcard searches when the dropdown input value is only "audit"
<form>
<label>Text Box validation</label>
<fieldset submitButton="false">
<input type="dropdown" token="dropdown_input">
<label>Type</label>
<showClearButton>false</showClearButton>
<choice value="type1">audit</choice>
<choice value="type2">splunkd</choice>
</input>
<input type="text" token="selText">
<label>Enter Log Level (like INFO, WARN, ERROR, FATAL </label>
<change>
<eval token="tokLogLevel">case(len($value$)>0 AND NOT like($value$,"%*%"),$value$)</eval>
</change>
</input>
</fieldset>
<row>
<panel>
<html rejects="$tokLogLevel$">
<div style="color:red;text-align:center;font-weight:bold;font-size:150%">
Log Level does not accept asterix (*)!!!
</div>
</html>
<table depends="$tokLogLevel$">
<title>Log Level Volume</title>
<search>
<query>index="_internal" sourcetype=$dropdown_input$ log_level="$tokLogLevel$"
| stats count by log_level
| appendpipe [| makeresults
| eval log_level="$tokLogLevel$",count=0
| fields - _time]
| dedup log_level</query>
<earliest>-24h@h</earliest>
<latest>now</latest>
<sampleRatio>1</sampleRatio>
</search>
<option name="count">20</option>
<option name="dataOverlayMode">none</option>
<option name="drilldown">cell</option>
<option name="percentagesRow">false</option>
<option name="rowNumbers">false</option>
<option name="totalsRow">false</option>
<option name="wrap">true</option>
</table>
</panel>
</row>
</form>
Hi
Give a try
<form>
<label>Text Box validation</label>
<fieldset submitButton="false">
<input type="dropdown" token="dropdown_input">
<label>Type</label>
<showClearButton>false</showClearButton>
<choice value="type1">audit</choice>
<choice value="type2">splunkd</choice>
<change>
<unset token="form.selText"></unset>
<unset token="tokLogLevel"></unset>
</change>
</input>
<input type="text" token="selText">
<label>Enter Log Level (like INFO, WARN, ERROR, FATAL</label>
<change>
<condition match="$dropdown_input$ == "type2" AND len($value$)>0 AND NOT like($value$,"%*%")">
<set token="tokLogLevel">$value$</set>
</condition>
<condition match="$dropdown_input$ == "type1" AND len($value$)>0">
<set token="tokLogLevel">$value$</set>
</condition>
</change>
</input>
</fieldset>
<row>
<panel>
<html rejects="$tokLogLevel$">
<div style="color:red;text-align:center;font-weight:bold;font-size:150%">
Log Level does not accept asterix (*)!!!
</div>
</html>
<table depends="$tokLogLevel$">
<title>Log Level Volume</title>
<search>
<query>index="_internal" sourcetype=$dropdown_input$ log_level="$tokLogLevel$"
| stats count by log_level
| appendpipe [| makeresults
| eval log_level="$tokLogLevel$",count=0
| fields - _time]
| dedup log_level</query>
<earliest>-24h@h</earliest>
<latest>now</latest>
<sampleRatio>1</sampleRatio>
</search>
<option name="count">20</option>
<option name="dataOverlayMode">none</option>
<option name="drilldown">cell</option>
<option name="percentagesRow">false</option>
<option name="rowNumbers">false</option>
<option name="totalsRow">false</option>
<option name="wrap">true</option>
</table>
</panel>
</row>
</form>
Hi @splunker12er,
Nice work !
The rest is easy, just duplicate the panel that includes your table and add a depends on the type1/type2 to each of those panels. One will allow wildcards and the others won't. Ez pz.
Another solution would be using double tokens : <panel depends="$token1$,$token2$">
which is also simple.
Cheers,
David