Solved: Metadata Search (Index Selector)

JoeSco27 · ‎07-09-2013

I am trying to create a utility using the metadata command that will allow me to see what sourcetypes exist by index. I have started with a command that returns all the sourcetypes for an index i enter into the search, but i am trying to create a report where i can select the index from a dropdown. my search thus far looks like this:

above that in the XML, fieldset, i have put in this but it doesnt seem to return any values.

< fieldset >
  < input type="dropdown" token="$index$" >
    < label>Select Index</label >
     < choice search="index=main">Main</choice >
     < choice search="index=iis">IIS</choice >
   < /input >
 < /fieldset >

The entire search works when I dont have "$index$" in the search, but i am trying to dynamically be able to change that value from the dropdown

linu1988 · ‎07-09-2013

As you mentioned in the choice parameter Main will be equal to "index=main". But your search definition is [|metadata type=sourcetypes index="$index$"

which leads to :
[|metadata type=sourcetypes index="index=main"!!!
is it correct? do replace it by only "main" and check..

View solution in original post

linu1988 · ‎07-09-2013

Please mark it as an answer as it's the solution:)

JoeSco27 · ‎07-09-2013

Thank you, i think that got it working now

linu1988 · ‎07-09-2013

As you mentioned in the choice parameter Main will be equal to "index=main". But your search definition is [|metadata type=sourcetypes index="$index$"

which leads to :
[|metadata type=sourcetypes index="index=main"!!!
is it correct? do replace it by only "main" and check..

Metadata Search (Index Selector)

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor