Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Highlighted

How to create a drilldown for specific dynamic values on a table?

raju4244
Explorer
‎08-20-2015 01:00 AM

Dear Everyone,

I need some input for creating a drilldown on a table.

My Table will look like the image below

alt text

The table was created using multiple searches (used append and join commands), and the values are dynamic.

For Ex: Total Number of Computers is 200, AV is installed only on 102.

Now, my requirement is when we click 200, i should get a list of 200 hostnames. If I click on 102, I should get a list of 102 hostnames.

We created the list of hostnames on different dashboards, so we want to know how to use drilldown for this kind situation.

PS: All data comes from different sources. The searches we used to to make table don't have any relation with other.

Tags (2)
0 Karma
Reply
Highlighted

Re: How to create a drilldown for specific dynamic values on a table?

somesoni2
SplunkTrust
SplunkTrust
‎08-20-2015 08:33 AM

Ideally, you would be passing down the values for the primary key (ITEM) OR just the column name clicked (AV OR TOTAL), and your next query on the drilldown dashboard, you'll set the value of primary key and have logic to show data based on clicked column. But it all depends on your queries that you use.

This link provides the drilldown tokens that are available for use on click. My guess would be that you'd use $click.value$ OR $row.ITEM$ to get the primary key and $click.name2$ to get the category of the ITEM to show.
http://docs.splunk.com/Documentation/Splunk/6.2.1/Viz/tokens#Define_tokens_for_dynamic_drilldown

0 Karma
Reply
Speak Up for Splunk Careers!

We want to better understand the impact Splunk experience and expertise has has on individuals' careers, and help highlight the growing demand for Splunk skills.