Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Populating search not working

theouhuios
Motivator
‎12-03-2012 12:32 PM

Hello

I am trying to autopopulate the below input type and its not giving any data in the dropbox. Can anyone please tell me where am I doing a mistake?



*
<![CDATA[earliest=-31d@d sourcetype="incident"|stats count by record.groupArea]]>

alt text

<?xml version='1.0' encoding='utf-8'?>






Reactionary
Cautionary

<input type="dropdown" token="Dept">
  <label>Department: </label>
  <default>*</default>
  <choice value="*">All</choice>
  <choice value="Systems">Systems</choice>
  <choice value="Agency">Agency</choice>
</input>
<input type="dropdown" token="Area">
  <label>Area: </label>
  <default>*</default>
   <populatingSearch fieldforvalue="Area" fieldforlabel="Area"> <![CDATA[earliest=-31d@d sourcetype="incident"|rename record.groupArea as Area |stats count by Area]]> </populatingSearch>
</input>

<input type="text" token="WG">
  <label>WorkGroup: </label>
  <default>*</default>
</input>
<input type="text" token="CI">
  <label>CI: </label>
  <default>*</default>
</input>


Tags (1)
0 Karma
Reply

srowe
Explorer
‎05-01-2013 07:35 AM

also, autorun should be "autoRun" camel case. It took me awhile to realize that!

0 Karma
Reply

rroberts
Splunk Employee
Splunk Employee
‎12-03-2012 01:41 PM

Should be upper case S in populatingSearch

0 Karma
Reply

rroberts
Splunk Employee
Splunk Employee
‎12-12-2012 05:03 PM

Did you have any luck?

0 Karma
Reply

rroberts
Splunk Employee
Splunk Employee
‎12-04-2012 08:31 AM

Check case sensitivity:

fieldForValue= fieldForLabel=

0 Karma
Reply

theouhuios
Motivator
‎12-04-2012 07:40 AM

Updated the initial post. I did try to change the name and try it but it doesn't work.

0 Karma
Reply

rroberts
Splunk Employee
Splunk Employee
‎12-04-2012 07:23 AM

Trying to recreate. Can you add the entire form XML please?

0 Karma
Reply

theouhuios
Motivator
‎12-04-2012 06:21 AM

Any help??

0 Karma
Reply

rroberts
Splunk Employee
Splunk Employee
‎12-03-2012 02:46 PM

I think it might be a problem with the . in the field name.

0 Karma
Reply

theouhuios
Motivator
‎12-03-2012 02:03 PM

That removes the error, but there is no data being populated in the dropdown. Updating the first post with the image of the data

0 Karma
Reply
Get Updates on the Splunk Community!

Modern way of developing distributed application using OTel

Recently, I had the opportunity to work on a complex microservice using Spring boot and Quarkus to develop a ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had 3 releases of new security content via the Enterprise Security ...

Archived Metrics Now Available for APAC and EMEA realms

We’re excited to announce the launch of Archived Metrics in Splunk Infrastructure Monitoring for our customers ...