It seems like your issue is you want the raw output, rather than the table- or chart-style output from @aholzer's great suggestions. If so, use <event> instead of <table>. Assuming you have a dropdown that produces a srcType value and a text input for your str value, you should be able to do something like this:

<row>
<event>
<searchString>sourcetype="$srcType$" index="index1" "$str$"</searchString>
</event>
</row>

Check out http://docs.splunk.com/Documentation/Splunk/latest/Viz/PanelreferenceforSimplifiedXML#event for your other options for this tag.

If you look at the link I provided in my answer you'll notice that the second example has a dropdown of sourcetypes. I feel like that's exactly what you are looking for.

Give them the dropdown of sourcetypes as the second example in the link (I suggest you do it dynamically) and a text input as the first example in the link show.

Hope this helps

I have a long list of sourcetypes which different logfiles in our systems has defined.

(40-50 servers in a cluster with the same kind of logfiles, splunk is used as a centralized way to search in them)

Right now my users has to define sourcetype="blabla" in their search query for everytime they want to search in the a specific logfile.

I just want to give my users an easy entrypoint for searching in the different types of logs we have.

Not sure I'm understanding then. You could always set up a Splunk role, and as part of the role define a filter as [sourcetype="platform_jboss_log" index="index1"]. By doing this, it will apply that filter to every search the users with that role have. You'd simply have to set all users to have that new role.

Hope this helps

Hi

Thanks for the answer

It's a bit like what i'm seeking, or not

I want it to make the search in the normal search app when pressing submit, so you can use the facilities that has. - What i see from the form examples it looks a bit.. restricted