Specific keyword based colour

jerinvarghese · ‎10-20-2020

Hi Team,

need help in getting few nodelabel highlighted. "WANRT" & "DCNDC".

sitecode	nodelabel
PJS	LANCUA001
PCW	LANCUA001
PCW	WANINF001
PCW	WANRTC001
PCW	DCNDCI001

Below is the code that I used to get the "WANRT" devices highlighted with RED color, but i am unable to get the "DCNDC" devices too.

        <format type="color" field="nodelabel">
          <colorPalette type="expression">if (like(value,"%WANRT%"),"#FF5733","#FFFFFF")</colorPalette>
        </format>

please help me with the code to get both highlighted.

richgalloway · ‎10-20-2020

Have you tried this?

<format type="color" field="nodelabel">
  <colorPalette type="expression">
if (like(value,"%WANRT%") OR like(value, "DCNDC%"),"#FF5733","#FFFFFF")</colorPalette>
</format>

---
If this reply helps you, Karma would be appreciated.

Specific keyword based colour

chart

count

eval

fields

table

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Deep insights, no barriers: Splunk Observability Cloud Free Edition

Monitoring AI Agents with Splunk Observability Cloud

Join the Conversation

Specific keyword based colour

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.