Now the count is right. But will this where cluase effect the count as search has to consider the second token $hostname_token$ aswell?

index="index_test1" sourcetype="st_test1" MyStatus="Failed" source=$source_tok$ $hostname_token$ | where source=$source_tok$ | stats count

You can add host name as well.

index="index_test1" sourcetype="st_test1" MyStatus="Failed" source=$source_tok$ host=$hostname_token$ | where source=$source_tok$ AND host=$hostname_token$ | stats count

Thank you. This will help. I am curious to know how where clause is making it case sensitive?

search is case in-sensitive and where is case-sensitive. The reason you have the token values before the where clause is to make the search more efficient. Limit the results to only matching source case insensitive and then further filter it in the where

Hi Somesoni2,

CASE is not working for me. |stats count is returning 0 values.

But i found the following description for CASE which has the functionality other than case sensitivity.

This function takes pairs of arguments X and Y. The X arguments are Boolean expressions that will be evaluated from first to last. When the first X expression is encountered that evaluates to TRUE, the corresponding Y argument will be returned. The function defaults to NULL if none are true.

The case that you're seeing is for eval command, the One I;m talking to is works with search command.
http://docs.splunk.com/Documentation/Splunk/6.4.3/SearchReference/Search#Search_with_CASE.28.29

Could you post from where the token $source_tok$ is being populated and what value it holds?

$source_tok$ comes from a drop down. It returns souce="some value".I want to treat "some value" as case sensitive in the dasboard.The dashboard gets filled on the basis of drop down selection. 

You would need to update your dropdown code to include the CASE function.

<input type="dropdown" token="source_tok">
      <label>Select a source</label>
    ..other settings...
    <prefix>source=CASE(</prefix>
    <suffix>)</suffix>
    ..other settings...
    </input>

OR just remove both prefix and suffix, and update your search to use source=$source_tok$ instead of just $source_tok$.

Thank you. I will try this.

Is there any way to refresh the panel in the dasboard whenever I select an option in drop down? I want the panel should be in page-1 when I make a selection in drop down.

Add the option searchWhenChanged as true in the xml (OR check the "Search When changed" checkbox")

Hi somesoni2,

I do not see any "Search when Changed" option for panel.
This option is already enabled for drop down.

No matter on which page the table on panel is, it should come to first page when i make a different selection on drop down.

$source_tok$ comes from a drop down. It returns souce="some value".

I want to treat "some value" as case insensitive in the dasboard.
The dashboard gets filled on the basis of drop down selection.