Solved: Multiselect values as table input?

matstap · ‎05-02-2018

I have a multiselect dropdown. I also have a stat table which utilizes a KVstore. I want the multiselect values to filter the table How do I do this?

The multiselect has the token $product$. The table is just a column from a KVstore:

| inputlookup product_color.csv 
|search product="$product$"
| table color

Do I have to do something to $product$ before using it as a filter if there are multiple values?

somesoni2 · ‎05-02-2018

Follow example from below link to setup your multiselect to user valuePrefix, valueSuffix and delimiter (basically replace sourcetype with product in the example code for multiselect input) and change your query like this

| inputlookup product_color.csv | search $prodct$ | table color

http://docs.splunk.com/Documentation/Splunk/7.0.3/Viz/tokens#Multiselect_input_example

View solution in original post

somesoni2 · ‎05-02-2018

Follow example from below link to setup your multiselect to user valuePrefix, valueSuffix and delimiter (basically replace sourcetype with product in the example code for multiselect input) and change your query like this

| inputlookup product_color.csv | search $prodct$ | table color

http://docs.splunk.com/Documentation/Splunk/7.0.3/Viz/tokens#Multiselect_input_example

Multiselect values as table input?

Splunk Classroom Chronicles: Training Tales and Testimonials (Episode 4)

From GPU to Application: Monitoring Cisco AI Infrastructure with Splunk Observability ...

Application management with Targeted Application Install for Victoria Experience

Join the Conversation

Multiselect values as table input?

Splunk Classroom Chronicles: Training Tales and Testimonials (Episode 4)

From GPU to Application: Monitoring Cisco AI Infrastructure with Splunk Observability ...

Application management with Targeted Application Install for Victoria Experience