How to create a drilldown for specific dynamic val...

raju4244 · ‎08-20-2015

Dear Everyone,

I need some input for creating a drilldown on a table.

My Table will look like the image below

The table was created using multiple searches (used append and join commands), and the values are dynamic.

For Ex: Total Number of Computers is 200, AV is installed only on 102.

Now, my requirement is when we click 200, i should get a list of 200 hostnames. If I click on 102, I should get a list of 102 hostnames.

We created the list of hostnames on different dashboards, so we want to know how to use drilldown for this kind situation.

PS: All data comes from different sources. The searches we used to to make table don't have any relation with other.

somesoni2 · ‎08-20-2015

Ideally, you would be passing down the values for the primary key (ITEM) OR just the column name clicked (AV OR TOTAL), and your next query on the drilldown dashboard, you'll set the value of primary key and have logic to show data based on clicked column. But it all depends on your queries that you use.

This link provides the drilldown tokens that are available for use on click. My guess would be that you'd use $click.value$ OR $row.ITEM$ to get the primary key and $click.name2$ to get the category of the ITEM to show.
http://docs.splunk.com/Documentation/Splunk/6.2.1/Viz/tokens#Define_tokens_for_dynamic_drilldown

How to create a drilldown for specific dynamic values on a table?

Observability | How to Think About Instrumentation Overhead (White Paper)

Cloud Platform | Get Resiliency in the Cloud Event (Register Now!)

The Great Resilience Quest: 10th Leaderboard Update