The above response will works for me.  We can get our base search job id  into "sid"  token.  Then we can use  "| loadjob  <sid of search>"  splunk command to run our panel without make it base search. <search id="basesearch"> <query>| makeresults count=1 | streamstats count</query> <done> <set token="sid">$job.sid$</set> </done> </search>   <panel> <title>Dashboard panel without use of basesearch</title> <table> <title>Can export</title> <search> <!-- Remove base="<BaseSearch>" from here --> <query>| loadjob $sid$ | search "user your query here.." </query> </search> <option name="drilldown">none</option> </table> </panel>   ... View more

Refer below doc for dispatch jobs: http://docs.splunk.com/Documentation/Splunk/6.4.3/Search/Dispatchdirectoryandsearchartifacts#Dispatch_directory_maintenance ... View more

thank you! ... View more

Changing $row.xxx$ to $result.xxx$ appears to have worked. ... View more

The initial answers that I received were excellent but I didn't do a good job of describing my actual problem. I referenced two columns for the example but I will really have multiple (10+). Each test column will compare back to the base column and I need to color code the cell based on the % difference with respect to the base column. Example datatable I am working with... KPI - Base - Test1 - Test2 - Test n KPI1 - 1 - 1.1 - 0.9 - 1.5 KPI2 - 2 - 1.9 - 2.3 - 2.5 So I would calculate the % difference between 1 and 1.1, 1 and 0.9, 1 and 1.5, etc. I need to display the original value and just color code the cell. I am thinking I need to store both the base value and the test value in JS somehow and calculate the % difference there. ... View more

The rename didn't work but I got around that. The foreach and eval were very helpful. Thanks! ... View more

@mschellhouse, do check out the two examples from Splunk Dashboard Examples app. Hopefully your issue will be resolved. If it does dont forget the Accept this Answer to mark your question as answered. If not let us know the details of what you are trying and where you get stuck so that community members may be able to assist you with the same 🙂 ... View more

Below should do -search string- [| inputlookup searchtermsample2.csv | fields query | eval query="\*".query."\*" | table query | format] ... View more

Hey @mschellhouse, If you have a question, share it with the community, then find a solution, then you should accept your own answer. 🙂 There will be more info as this is edited over time, but you can always reference the Answers documentation as well if you have questions about etiquette. http://docs.splunk.com/Documentation/Community/latest/community/AboutCommunity Happy Splunking! ... View more

Hey @mschellhouse, if @DalJeanis solved your problem, please don't forget to accept an answer! You can upvote posts as well. (Karma points will be awarded for either action.) Happy Splunking! ... View more

To be able to predict and to now when you will reach or reached the limit. ... View more

Nailed it! Thanks all! ... View more

I can confirm that if you remove setsv=true it will fix this issue ... View more