I am trying to create a dashboard to examine group policy processing errors.  I would like to create a drop-down based on the values returned for EventCode which is the Windows EventID. 1.  How do I create a dynamic drop-down to show the EventIDs (EventCode) returned by the search? 2.  I see you can enter a whole new search, but technically that is different than the main search, right?  How do I base it on the main search? 3.  What are Label (fieldForLabel) and Value (fieldForValue) for?  Why are they required?     <form version="1.1" theme="light"> <label>GP Errors</label> <fieldset submitButton="true" autoRun="false"> <input type="time" token="field1"> <label></label> <default> <earliest>-90m@m</earliest> <latest>now</latest> </default> </input> <input type="text" token="Computername"> <label>Computer Name</label> <default>*</default> </input> <input type="dropdown" token="EventID"> <label>Event ID</label> <choice value="*">All</choice> <default>*</default> <initialValue>*</initialValue> <fieldForLabel>EventID</fieldForLabel> <fieldForValue>EventID</fieldForValue> <search> <query>index=winevent source="WinEventLog:System" SourceName="Microsoft-Windows-GroupPolicy" Type=Error | stats values(EventCode)</query> <earliest>-90m@m</earliest> <latest>now</latest> </search> </input> </fieldset> <row> <panel> <table> <search> <query>index=winevent source="WinEventLog:System" SourceName="Microsoft-Windows-GroupPolicy" Type=Error host=$Computername$ EventCode=$EventID$ | table host, EventCode, Message, _time | rename host AS Host, EventCode AS EventID | sort _time desc</query> <earliest>-90m@m</earliest> <latest>now</latest> <sampleRatio>1</sampleRatio> </search> <option name="dataOverlayMode">none</option> <option name="drilldown">none</option> <option name="percentagesRow">false</option> <option name="refresh.display">progressbar</option> <option name="rowNumbers">false</option> <option name="totalsRow">false</option> <option name="wrap">true</option> </table> </panel> </row> </form>     ... View more