Re: How to add custom time prompts "From Time" and...

ronak · ‎01-05-2015

Setup

My setup has a dashboard that has static value of TODAY (meaning it is expected to show data only for TODAY).

Need

I want to add two prompts to the dashboard "From Time" & "To Time" (human readable format e.g. HH:MI), and want all panels on dashboard to consider TODAY+From Time , TODAY+To Time while searching

How can I achieve this functionality

thanks, ronak

tom_frotscher · ‎01-06-2015

Hi,

you can create a search for a complete day with the following earliest and latest filters:

index=_internal earliest=@d latest=@d+24h

What you can do then, is you can add or substract hours, minutes or seconds like this:

index=_internal earliest=@d+1h+10m latest=@d+24h-1h

So, if you have two textinputs and the inputs have tokens $from$ and $to$ you could create a search like:

index=_internal earliest=@d$from$ latest=@d+24h$to$

and all your users have to do, is type +14h and -6h to get the timerange from 14:00 to 18:00.

Greetings

Tom

How to add custom time prompts "From Time" and "To Time" on a dashboard for panels to show data for chosen time ranges?

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

.conf24 | Personalize your .conf experience with Learning Paths!

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...