Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Display custom search after click on SimpleResultsTable

Srw12
Explorer
‎07-24-2012 02:51 AM

I am having a SimpleResultsTable which allows to collect all information what I need.

Whereas, I would like to change the search behaviour after a click.

For example, when I click on some information, I have this search

  • sourcetype=LogSourceType name="test" value="100" error="warning"

But if I add a specific field to the current search, I would like to remove all other information.

For example, if I click on the field "id", i'll have this search

  • sourcetype=LogSourceType id="123"

I need to modify the javascript ? Or an existing module manages this functionality ?

Thanks in advance

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

Srw12
Explorer
‎07-26-2012 12:14 AM

Hi,

I've found a solution. It consist to change the javascript (FieldSearch.js) where the method setInputField: function(searchStr) is declared. I've added a conditional test, and it works perfectly.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

Srw12
Explorer
‎07-26-2012 12:14 AM

Hi,

I've found a solution. It consist to change the javascript (FieldSearch.js) where the method setInputField: function(searchStr) is declared. I've added a conditional test, and it works perfectly.

0 Karma
Reply
Solved! Jump to solution

MHibbin
Influencer
‎07-24-2012 06:03 AM

Hi Srw12,

I believe the solution should be a lot simpler, you should look at creating a drilldown with a new HiddenSearch fed into it, using the $click.value$ value...

something like this (code needs modifying, just as an overview)

<module name="HiddenSearch">
  ...
  <module name="SimpleResultsTable">
    ...
    <module name="ConvertToDrilldownSearch">
      <module name="HiddenSearch">
        <param name="search">sourcetype=LogSourceType</param>
        <module name="ConvertToIntention">
          <param name="intention">
            <param name="name">addterm</param>
            <param name="arg">
              <param name="id">$click.value$</param>
            </param>
          </param>
          <module name="ViewRedirector">
            <param name="viewTarget">flashtimeline</param>
          </module>
        ...

Remember to close all of your open tags in the XML, hopefully this should give you a better idea... there is also some docs on this (here), I know you are able to do more advance drilldowns with Sideview Utils, but I have not used this myself.

Reply
Solved! Jump to solution

Srw12
Explorer
‎07-25-2012 02:17 AM

Thanks for your reply. I've tried your solution, but the result doesn't match my expectation.
But I've a new question, is it possible to reset the search after a click ?

0 Karma
Reply
Get Updates on the Splunk Community!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer at Splunk .conf24 ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...