Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to parse search time from one dashboard to another

leomedina
Explorer
‎05-16-2017 12:41 AM

Hello all,

I have several dashboards and would like to keep the same time searching period when navigating from one dynamic dashboard to another. What would be the best approach for something like this?

0 Karma
Reply

woodcock
Esteemed Legend
‎05-16-2017 04:27 PM

Just add a timepicker, give it a default value and reference it inside of each of your panel's searches. If you would like it to not be alterable, then make the control invisible.

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎05-16-2017 12:49 AM

Hi leomedina,
are you speaking about drilldown?
if you want to pass the time period from a dashboard to another you have to insert in your drilldown url the two tokens, something like this:

<drilldown>
  <link>secondary_dashboard?token1=$row.field1$&amp;TimeFrom=$Time.earliest$&amp;TimeTo=$Time.latest$</link>
</drilldown>

and in the secondary dashboard you have to insert the two time tokens in earliest and latest tags

<earliest>$TimeFrom$</earliest>
<latest>$TimeTo$</latest>

Bye.
Giuseppe

0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...