Hi, Splunkers,
I have a Search with an input token , which is not working in my query in dashboard
t_TargetType is token name.
| search AFRoute=if($t_TargetType|s$ == "A","true","*")
w...
See more...
Hi, Splunkers,
I have a Search with an input token , which is not working in my query in dashboard
t_TargetType is token name.
| search AFRoute=if($t_TargetType|s$ == "A","true","*")
when token has value A,
| search AFRoute=if("A" == "A","true","*"), which I assume is equal to | search AFRoute="true".
but when I directly run a search with | search AFRoute=if("A" == "A","true","*") , it doesn't work same as | search AFRoute="true".
what's the difference between | search AFRoute=if("A" == "A","true","*") and | search AFRoute="true"?
Kevin