Solved: Token reference for TimeChart panel

synastraa · ‎07-09-2019

Hi,

I am currently trying to do a drill down for my panel when i click on each month. However when I click on the month , the month retrieve was in epoch time format. How do i work around this so I can do drilldown for my timechart? Thanks

Best Regards,
Aloysius

tiagofbmm · ‎07-09-2019

You can use an eval token instead of the native "set" that Splunk UI uses.

    <drilldown>
      <set token="t">$click.value$</set>
      <eval token="t">strftime($click.value$,"%m")</eval>
    </drilldown>

This will set your token to the month number. For more info on date and times formats:

https://docs.splunk.com/Documentation/Splunk/7.1.1/SearchReference/Commontimeformatvariables

View solution in original post

tiagofbmm · ‎07-09-2019

You can use an eval token instead of the native "set" that Splunk UI uses.

    <drilldown>
      <set token="t">$click.value$</set>
      <eval token="t">strftime($click.value$,"%m")</eval>
    </drilldown>

This will set your token to the month number. For more info on date and times formats:

https://docs.splunk.com/Documentation/Splunk/7.1.1/SearchReference/Commontimeformatvariables

synastraa · ‎07-10-2019

Thanks tiagofbmm,

this solved my question.

Token reference for TimeChart panel

Community Content Calendar, November Edition

October Community Champions: A Shoutout to Our Contributors!

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

Are you a member of the Splunk Community?

Token reference for TimeChart panel

Community Content Calendar, November Edition

October Community Champions: A Shoutout to Our Contributors!

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!