Essentailly I'm trying to create a form that uses a wildcard by default so users can just hit search on page load and get all values of the field, then the user can input specific values in the field so they can limit what they're seeing. When I specify "< default>*< /default>" it errors out with "Error in 'search' command: Unable to parse the search: Comparator '=' is missing a term on the right hand side". THe fieldset and searchTemplate stream is as follows:

< fieldset>
< input type="text" token="Administrator" />
< default>*< /default>
< /fieldset>

< searchTemplate>(index=windows_7 OR index=windows_2008_R2) source=wineventlog:security EventCode=4720 src_user=$Administrator$ | table _time, src_user, host, dest_nt_domain, signature, user, Display_Name< /searchTemplate>