Solved: Multiselect values as table input?

matstap · ‎05-02-2018

I have a multiselect dropdown. I also have a stat table which utilizes a KVstore. I want the multiselect values to filter the table How do I do this?

The multiselect has the token $product$. The table is just a column from a KVstore:

| inputlookup product_color.csv 
|search product="$product$"
| table color

Do I have to do something to $product$ before using it as a filter if there are multiple values?

somesoni2 · ‎05-02-2018

Follow example from below link to setup your multiselect to user valuePrefix, valueSuffix and delimiter (basically replace sourcetype with product in the example code for multiselect input) and change your query like this

| inputlookup product_color.csv | search $prodct$ | table color

http://docs.splunk.com/Documentation/Splunk/7.0.3/Viz/tokens#Multiselect_input_example

View solution in original post

somesoni2 · ‎05-02-2018

Follow example from below link to setup your multiselect to user valuePrefix, valueSuffix and delimiter (basically replace sourcetype with product in the example code for multiselect input) and change your query like this

| inputlookup product_color.csv | search $prodct$ | table color

http://docs.splunk.com/Documentation/Splunk/7.0.3/Viz/tokens#Multiselect_input_example

Multiselect values as table input?

OpenTelemetry for Legacy Apps? Yes, You Can!

UCC Framework: Discover Developer Toolkit for Building Technology Add-ons

.conf25 Community Recap

Are you a member of the Splunk Community?

Multiselect values as table input?

OpenTelemetry for Legacy Apps? Yes, You Can!

UCC Framework: Discover Developer Toolkit for Building Technology Add-ons

.conf25 Community Recap