Solved: Multiselect values as table input?

matstap · ‎05-02-2018

I have a multiselect dropdown. I also have a stat table which utilizes a KVstore. I want the multiselect values to filter the table How do I do this?

The multiselect has the token $product$. The table is just a column from a KVstore:

| inputlookup product_color.csv 
|search product="$product$"
| table color

Do I have to do something to $product$ before using it as a filter if there are multiple values?

somesoni2 · ‎05-02-2018

Follow example from below link to setup your multiselect to user valuePrefix, valueSuffix and delimiter (basically replace sourcetype with product in the example code for multiselect input) and change your query like this

| inputlookup product_color.csv | search $prodct$ | table color

http://docs.splunk.com/Documentation/Splunk/7.0.3/Viz/tokens#Multiselect_input_example

View solution in original post

somesoni2 · ‎05-02-2018

Follow example from below link to setup your multiselect to user valuePrefix, valueSuffix and delimiter (basically replace sourcetype with product in the example code for multiselect input) and change your query like this

| inputlookup product_color.csv | search $prodct$ | table color

http://docs.splunk.com/Documentation/Splunk/7.0.3/Viz/tokens#Multiselect_input_example

Multiselect values as table input?

Community Content Calendar, November Edition

October Community Champions: A Shoutout to Our Contributors!

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

Are you a member of the Splunk Community?

Multiselect values as table input?

Community Content Calendar, November Edition

October Community Champions: A Shoutout to Our Contributors!

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!