Splunk Enterprise Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Dashboard Link

kalpesh11
New Member
‎11-21-2019 06:23 PM

Scenario:
I have two panels in one dashboard. Panel A and Panel B. I need a system that, when i click on A only that dashboard should reflect, and if im clicking on B, 2nd dashboard should reflect(nothing on A).

0 Karma
Reply

wmyersas
Builder
‎11-22-2019 08:26 AM

I use a dropdown selector and the depends="$tokenhere$" method

Here is a snippet that explains this:

<input type="dropdown" token="droptok" searchWhenChange="true">
  <change>
    <condition value="val1">
      <unset token="token2"></unset>
      <set token="token1">token1</set>
    </condition>
    <condition value="val2">
      <unset token="token1"></unset>
      <set token="token2">token2</set>
    </condition>
  </change>
...
</input>
...
<row>
  <panel depends="$token1$"></panel>
  <panel depends="$token2$"></panel>
</row>

When you pick a different item from the dropdown, it will hide the panel currently displayed, and "swap-in" the one you can't (because of the depends="$tokenhere$" feature of the <panel> tag.

It also works on other things that can utilize depends="$tokenhere$", like <row> or <input>

0 Karma
Reply

renjith_nair
Legend
‎11-22-2019 07:03 AM

@kalpesh11,
How should it display on dashboard load (display both panels or none ? )
When panelA clicks , should PanelB disappear and vice versa? What should be the action to bring back Panel B

Are you looking for something along the lines

<form>
  <label>Dashboard Panels</label>
  <fieldset submitButton="false">
    <input type="radio" token="panel">
      <label>Panels</label>
      <choice value="panela">Panel A</choice>
      <choice value="panelb">Panel B</choice>
      <default>panela</default>
      <change>
        <condition match='$value$=="panela"'>
          <set token="panela"></set>
          <unset token="panelb"></unset>
        </condition>
        <condition match='$value$=="panelb"'>
          <set token="panelb"></set>
          <unset token="panela"></unset>
        </condition>
      </change>
    </input>
  </fieldset>
  <row>
    <panel depends="$panela$">
      <title>Panel A</title>
      <chart>
        <search>
          <query>index=_internal earliest=-5m|timechart count</query>
          <earliest>-15m</earliest>
          <latest>now</latest>
        </search>
        <option name="charting.chart">line</option>
        <option name="charting.drilldown">all</option>
        <drilldown>
          <unset token="panelb"></unset>
        </drilldown>
      </chart>
    </panel>
    <panel depends="$panelb$">
      <title>Panel B</title>
      <chart>
        <search>
          <query>index=_internal earliest=-5m |stats count by sourcetype</query>
          <earliest>-24h@h</earliest>
          <latest>now</latest>
        </search>
        <option name="charting.chart">pie</option>
        <option name="charting.drilldown">all</option>
        <drilldown>
          <unset token="panela"></unset>
        </drilldown>
      </chart>
    </panel>
  </row>
</form>
---
What goes around comes around. If it helps, hit it with Karma 🙂
0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...