We can initialize tokens in an init section within a form - and we can make a form refresh every 60 sec by specifying refresh="60" in the form tag -- but it appears that the init section is not re-executed when the form refreshes?
The tokens I set in the init section are time tokens that I use throughout the dashboard to control the scope of searches - I calculate them from now() using relative_time(), etc., and display them in the form to check their values, which don't change.
The underlying need: to juxtapose the results of two searches: (1) on today's log events, to get (say) event count for a given index and sourcetype per 5 minute interval, and (2) on a summary index, to get the minimum and maximum such event counts over the past 30 days, again for each 5 minute interval, and line them up by time interval (hh:mm, e.g. "13:05") so that I can compare (within each 5 minute interval) today's count vs. the historical minimum and maximum count and alert if today's count falls outside the historical range.
This works great when I simply run it for the day and produce a chart - lines for historical minimum and maximum and today's counts, nicely aligned by time interval.
For a status indicator or alert though, I want to process a single 5 minute interval, every 5 minutes - and I've been able to do that by setting tokens to (1) the appropriate earliest and latest value for today's events, and (2) the corresponding "hh:mm" value to get the time slice of the summary index. Unfortunately, the tokens I set don't update, even though they're in the init section of a form with refresh=60 - and so far, I haven't been able to get the main search (which is actually the summary index search) to pull the same 5 minute interval (for each of the past 30 days) as the search of today's log events.
Any suggestions much appreciated!
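The single-interval check described in the post, written out as an added Python example (not part of the original post and not Splunk code). It derives the 5-minute window and its "hh:mm" key from the current time on every call, then compares today's count with the historical minimum and maximum for that key. All function names and sample data are constructed for illustration.

```python
from datetime import datetime, timedelta

SLOT = timedelta(minutes=5)

def last_complete_slot(now):
    """Return (earliest, latest, 'HH:MM') for the last fully elapsed 5-minute slot.
    Recomputed from `now` on every call, so the window moves with each refresh."""
    floor = now.replace(minute=now.minute - now.minute % 5, second=0, microsecond=0)
    earliest = floor - SLOT  # also handles the 23:55 slot just after midnight
    return earliest, floor, earliest.strftime("%H:%M")

def build_baseline(summary_rows):
    """summary_rows: (day, 'HH:MM', count) tuples -> {'HH:MM': (min, max)}."""
    baseline = {}
    for _day, hhmm, count in summary_rows:
        lo, hi = baseline.get(hhmm, (count, count))
        baseline[hhmm] = (min(lo, count), max(hi, count))
    return baseline

def check_slot(now, event_times, baseline):
    """Count today's events in the slot and compare with the historical range."""
    earliest, latest, hhmm = last_complete_slot(now)
    count = sum(1 for t in event_times if earliest <= t < latest)
    if hhmm not in baseline:
        return hhmm, count, "no_baseline"  # no history for this slot: do not alert blindly
    lo, hi = baseline[hhmm]
    return hhmm, count, "ok" if lo <= count <= hi else "out_of_range"

# Constructed stand-in for summary-index rows (three days shown, not thirty).
SUMMARY = [
    ("2024-05-01", "13:05", 40), ("2024-05-02", "13:05", 55),
    ("2024-05-03", "13:05", 48),
    ("2024-05-01", "23:55", 10), ("2024-05-02", "23:55", 12),
]
BASELINE = build_baseline(SUMMARY)

# Constructed events for today: 30 events between 13:05:00 and 13:09:50.
EVENTS = [datetime(2024, 5, 4, 13, 5) + timedelta(seconds=10 * i) for i in range(30)]

if __name__ == "__main__":
    for now in (datetime(2024, 5, 4, 13, 12, 30), datetime(2024, 5, 4, 13, 15, 10)):
        print(now, check_slot(now, EVENTS, BASELINE))
```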