Solved: Creating checkboxes to check multiple severity val...

jyothishtj · ‎09-16-2015

Hi Team,

I am trying to create a checkbox for severity with values 1,2,3,4 and >4. I need to check multiple checkboxes at the same time so a report will be refreshed based on the value. I tried to give name value pair as:

Name     Value
-----    -----
1        1
2        2
3        3
4        4
5+       >5

and Delimiter value as OR SEVERITY= and token as genSEVERITY

Then gave the report query as

index=index_custom SEVERITY= $genSEVERITY$  | table INC_COMPANY INC_NUMBER  SEVERITY | sort + SEVERITY

When I am checking values 1, 2, 3, 4, it is listing the values correctly, but when I am trying to select 5+ it is giving an error because the query will be

severity=1 or severity=2 or severity=3 or severity=4 or severity=>5

Is there any way I can get severity>=5 with this value, or any other methods to achieve the required results? Please help.

Thanks ,
Jyo

HeinzWaescher · ‎09-17-2015

Have you tried out

index=index_custom $genSEVERITY$ | table INC_COMPANY INC_NUMBER SEVERITY | sort + SEVERITY

View solution in original post

HeinzWaescher · ‎09-17-2015

Have you tried out

index=index_custom $genSEVERITY$ | table INC_COMPANY INC_NUMBER SEVERITY | sort + SEVERITY

jyothishtj · ‎09-17-2015

Thanks. This is working fine

Creating checkboxes to check multiple severity values to update a report, how do I get the value ">5" to produce results?

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor