Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- Text box search
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ssingh313
Path Finder
07-25-2016
06:51 PM
Hi this is a follow-up question from my previous question. I was able to create a table with specific Id's being displayed on the table. I am now trying to add a search text box that can be used to display information based on specific ConnId's. I was hoping to
create something where a person can view all the connID logs and then using the search box refine the table to a specific connID search. So even when they don't search for a specific connID they are still able to view the table. Any ideas on how I will be able to do this?
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
sundareshr
Legend
07-25-2016
06:55 PM
Try this (replace the query in the panel with your query, just include the token in your base search)
<form>
<label>Test Dashboard</label>
<fieldset submitButton="false" autoRun="true">
<input type="text" token="tok_connID" searchWhenChanged="true">
<label>connID</label>
</input>
</fieldset>
<row>
<panel depends="$tok_connID$">
<event>
<title></title>
<search>
<query>index=_internal $tok_connID$ | head 1</query>
<earliest>-15m</earliest>
<latest>now</latest>
</search>
</event>
</panel>
</row>
</form>
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
sundareshr
Legend
07-25-2016
06:55 PM
Try this (replace the query in the panel with your query, just include the token in your base search)
<form>
<label>Test Dashboard</label>
<fieldset submitButton="false" autoRun="true">
<input type="text" token="tok_connID" searchWhenChanged="true">
<label>connID</label>
</input>
</fieldset>
<row>
<panel depends="$tok_connID$">
<event>
<title></title>
<search>
<query>index=_internal $tok_connID$ | head 1</query>
<earliest>-15m</earliest>
<latest>now</latest>
</search>
</event>
</panel>
</row>
</form>
Related Topics
Get Updates on the Splunk Community!
Splunk Observability for AI
Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!
Discover how Splunk’s agentic AI ...
[Puzzles] Solve, Learn, Repeat: Dereferencing XML to Fixed-length events
This challenge was first posted on Slack #puzzles channelFor a previous puzzle, I needed a set of fixed-length ...
Stay Connected: Your Guide to December Tech Talks, Office Hours, and Webinars!
What are Community Office Hours?
Community Office Hours is an interactive 60-minute Zoom series where ...
