Re: how to create third dropdown and link first tw...

priyastalin · ‎03-09-2021

I have created two dropdown (Group and Device) I want create another dropdown timeframe and link first two dropdown with timeframe dropdown. How to achieve this?

Group Device Timeframe

Please help me in clearing my doubts.

Thanks,

Priya

gcusello · ‎03-09-2021

Hi @priyastalin,

to create a chain in inputs, you gave to insert the token of the previous input in the second.

So if the first and the second dropdowns are $group$ and $device$

in the search of the third dropdown put the two tokens:

your_search $group$ $device$
| dedup timeframe
| sort timeframe
| table timeframe

Ciao.

Giuseppe

priyastalin · ‎03-09-2021

Hi @gcusello

Yes first and second dropdown are linked together and tokens are $group$ and $device$. But I dont know how to create third dropdown Timeframe and link first two dropdowns.

Thanks,

priya

gcusello · ‎03-09-2021

Hi @priyastalin,

as you can see in my previous answer, you have to identify the search to list the timeframes and then use the other two tokens.

Can you share the search for timeframe?

Ciao.

Giuseppe

how to create third dropdown and link first two dropdown

Leveraging Detections from the Splunk Threat Research Team & Cisco Talos

New in Splunk Observability Cloud: Automated Archiving for Unused Metrics

Calling All Security Pros: Ready to Race Through Boston?

Are you a member of the Splunk Community?

how to create third dropdown and link first two dropdown

Leveraging Detections from the Splunk Threat Research Team & Cisco Talos

New in Splunk Observability Cloud: Automated Archiving for Unused Metrics

Calling All Security Pros: Ready to Race Through Boston?