How to parse search time from one dashboard to ano...

leomedina · ‎05-16-2017

Hello all,

I have several dashboards and would like to keep the same time searching period when navigating from one dynamic dashboard to another. What would be the best approach for something like this?

woodcock · ‎05-16-2017

Just add a timepicker, give it a default value and reference it inside of each of your panel's searches. If you would like it to not be alterable, then make the control invisible.

gcusello · ‎05-16-2017

Hi leomedina,
are you speaking about drilldown?
if you want to pass the time period from a dashboard to another you have to insert in your drilldown url the two tokens, something like this:

<drilldown>
  <link>secondary_dashboard?token1=$row.field1$&amp;TimeFrom=$Time.earliest$&amp;TimeTo=$Time.latest$</link>
</drilldown>

and in the secondary dashboard you have to insert the two time tokens in earliest and latest tags

<earliest>$TimeFrom$</earliest>
<latest>$TimeTo$</latest>

Bye.
Giuseppe

How to parse search time from one dashboard to another

SOCin’ it to you at Splunk University

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

Stay Connected: Your Guide to July Tech Talks, Office Hours, and Webinars!

Are you a member of the Splunk Community?

How to parse search time from one dashboard to another

SOCin’ it to you at Splunk University

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

Stay Connected: Your Guide to July Tech Talks, Office Hours, and Webinars!