new CheckboxGroupView({ ... value: mvc.tokenSafe('$checkboxValue$') }); new SearchManager({ ... search: mvc.tokenSafe('index=main source=$checkboxValue$') }); ... View more

It appears that Flurry (the service) altered their authentication mechanism or their anti-bot heuristics again. I don't have time these days to do detailed maintenance, so I am requesting that others send me a patch. Please send patch and related conversation to GitHub ticket: https://github.com/splunk/splunk-app-flurry/issues/5 ... View more

If you use $status|s$ then it will automatically add quotes and escape anything else weird inside the token, such as backslashes. I don't think backslashes apply here, but it is a general technique to be aware of. ... View more

It's more reliable to write $footoken|s$ than "$footoken$", as the former will deal with backslashes and quotes in the token value correctly. ... View more

I have heard this error reported a few times, but never with enough information for me to reproduce the issue. Please take a screencast of you attempting to install a fresh copy of Splunk, along with the app, and trigger the problem. Then upload the resulting video to YouTube (or some other hosting service) so that I can see how to get your error. ... View more

Based on the information provided I don't see anything you're doing incorrectly. Sounds like you need some hands-on debugging assistance. If you have Support contract with Splunk I would suggest opening up a Support case. ... View more

It's certainly possible with a JS extension to the dashboard. In that case you'd listen to the value of the checkbox token changing, and then use JQuery to hide/show panels as appropriate. As for whether you can do it purely through Simple XML with no JS, I'm not sure. ... View more

Check your spelling. $radiogroup$ != $radiougroup$. If you add {tokenNamespace: "submitted"} then updating the "default" model, as you current code does, will have no effect. You probably don't want {tokenNamespace: "submitted"}. ... View more

So, I cannot use the tokensafe in the second part of the query I do not understand what you mean by this. It is valid to pass an expression of the form tokensafe("SEARCH_STRING") to a setting for a SearchManager. Depending on how much you are omitting from your example, you may need to update "submitted" token model in addition to the "default" token model. Any SearchManager emitted from Simple XML will be bound to the "submitted" token model by default. However the code example you provide doesn't have the SearchManager bound to "submitted", so this may not be your issue. ... View more

"mvc.tokenSafe :(" is not valid syntax. You have an extra colon. Please check JS console for errors. ... View more

To my knowledge there is both docs for obtaining results from searches and for setting tokens. ... View more

Django is receiving less active dev attention now than in the past. Migrating to Simple XML + HTML panels + JS/CSS extensions is a more stable path moving forward if you have resources to make such a transition. -- Much of our existing docs are not up-to-date on this point. ... View more

I think this is a bug. I have filed it internally as SPL-97569 and instructed that this thread be updated when the ticket is completed. I have no ETA. ... View more

I do not recognize the class SearchManager_send. The regular SearchManager is aware of token-safe strings but I do not know if this custom class is. ... View more

[script] tags are explicitly stripped out of [html] blocks in Simple XML, which leads me to believe that inline JS is explicitly not on the plan due to security issues. If a regular visitor could edit a dashboard and insert [script] tags in an [html] block, you could potentially have cookie-stealing code and other issues. Anyone on the Simple XML team with a more authoritative answer? ... View more

Yeah there's no way to inline JS in Simple XML. It has to be included via [form script="foo_in_appserver_static.js]. ... View more

To my knowledge there aren't any tokens in Simple XML that are auto-populated by running searches. You could create a SearchManager in JS and grab the results from that directly. ... View more

Blast. This site is deleting backslashes in my response. See the unadulterated form here: https://gist.github.com/davidfstr/79477ece71c8056d745d ... View more

Hmm. Works for me. I generated data by running the search 'index=_internal | head 2 | eval file="foo.txt" | eval path="C:\Windows\" | outputcsv output.csv'. Then I created a dashboard with a form input bound to $path$ and a table powered by the search '| inputcsv output.csv | search path=$path|s$'. If I type 'C:\Windows\' in the text field and press enter. I get the result I was expecting. Tested on Splunk 6.1.3. ... View more

Use the |s filter for tokens to escape them for use in search strings: <searchString>filepath=$filepath|s$</searchString> ... View more

Assuming this is a Simple XML page, you can add a JS extension that sets the token on page load. The dashboard: <dashboard script="my_dashboard.js"> The JS file: require(['splunkjs/ready!'], function(mvc) { var tokens = mvc.Components.get('default'); tokens.set('myToken', 'initialValue'); }); ... View more

Sounds like you want the Host field to be set to "*" whenever the Model field changes. You could listen to changes in the Model field and force the Host field to "*" whenever that happens. However that would also make links/drilldowns to the dashboard be unable to set Host to anything other than asterisk, as all other values would get clobbered during page load. Should you want to take this approach anyway, you could create a JS file in appserver/static and include it with <form script="myscript.js">: require(['splunkjs/ready!'], function(mvc) { var tokens = mvc.Components.get('default'); tokens.on('change:T-Model', function() { tokens.set('T-Host', '*'); }); }); ... View more

The "model" parameter refers to the token model on which the on() function was invoked. You probably don't care about it. The "value" parameter refers to the new value of the token. The "options" parameter gives more information about how the token was changed that you probably don't care about. See the Backbone documentation for the on() call if you want details. ... View more