Hi Community,
I am trying to set a token based on a search in an ITSI glass table, but I cannot find any way to do it "dynamically", even by changing the JSON code of the glass table.
My final goal is using the token value to set the color of an icon based on the value returned by the related search. According to what I found, the only option to colorize an icon with a value changing dynamically is by using a token (and this works, with a static token set via text input with an hex value corresponding to a color, e.g. "#FFFFFF"). The only reference documentation I can find is https://docs.splunk.com/Documentation/ITSI/4.8.0/SI/Inputs#How_inputs_connect_to_visualizations
Below, the code of the icon, with its color set to a token named "vizcolor":
{
"type": "viz.singlevalueicon",
"options": {
"showValue": false,
"icon": "splunk-enterprise-kvstore://6001e599aea29f5df6382024",
"color": "$vizcolor$"
},
"dataSources": {
"primary": "ds_XXXXXX"
}
}
In conclusion, I would like to know if any one of you can suggest me how to set a token from a search result on a glass table (examples are appreciated).
Thanks,
G.P.
