Re: How to drilldown selected choices from one mul...

shariinPH · ‎06-10-2019

I have 2 dashboards say "Summary View Dashboard" and "Details Dashboard". Both dashboards have multiselect input say "Account". User could have chosen multiple choices for "Account" at the "Summary View Dashboard". I would like to find out a way to carry these selected values for "Account" from"Summary View Dashboard" when drilldown-ed to "Details Dashboard". Would really appreciate any help.

immortalraghava · ‎06-10-2019

Hi, you can use the drilldown tag to achieve this.

Example summary view dashboard

<drilldown>
            <link>/app/search/details_dashboard?accounts_selected=$accounts$</link>
</drilldown>

In the details dashboard, you can use the accounts variable as $accounts_selected$

gcusello · ‎06-10-2019

Hi shariinPH,
did you already seen the Splunk Dashboard Examples App ( https://splunkbase.splunk.com/app/1603/ )?
in this App there are some examples of tokens use cases.
Anyway, you have to pass the token to the drilldown:
if your multiselect input token is called "my_token", in the drilldown section you have to put something like this:

<drilldown>
   <link target="_blank">/app/my_app/my_secondary_form?my_token=$mytoken$</link>
</drilldown>

in this way, you pass the multi-input choices to the secondary dashboard.
Obviously, you have to manage it in the secondary dashboard, but in the Example App you can find an example of this.

Bye.
Giuseppe

How to drilldown selected choices from one multiselect input form to another multiselect input form (on another dashboard)?

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases

Detecting Remote Code Executions With the Splunk Threat Research Team