Splunk drilldown search

Asked Feb 01 '18 at 00:57

Active Feb 01 '18 at 01:11

Viewed 623 times

I am working on splunk dashboard. Below is the sample table and query

index="myindex" message="ApiImpl" "succeed=true" | rex field=message "execution_time=(?.*)" | table method response_time | stats avg(response_time) as "avg", min(response_time) AS "min", max(response_time) As "max" by method

**method   avg  max  min**
 create    34   99    22
 update    31   189   21
 delete    30   69    29

Now on the result table if I click on 189 in update row. in the new or same window it should open me the same search along with method=update and response_time=189. Since the table is simple we can make out. But my table is very big when I click on particular cell it should open with the selected filter.

The new search result should open like below. Or should open log event directly with the update method which is taking max responce time 189

 **method   avg  max  min**
    update    31   189   21

Could you please help me to provide a way like a query or table options to get the new search?

edited Feb 01 '18 at 01:11

asked Feb 01 '18 at 00:57

Kiran

I'm not sure what your question is here. Are you asking for instructions on setting custom options for drill-down in Splunk reports? – Dean Ransevycz Feb 01 '18 at 01:10
Sorry about that, i forgot to ask the question at the end :-) – Kiran Feb 01 '18 at 01:12
Take a look at Splunk dashboard examples app, it has nice drilldown examples: https://splunkbase.splunk.com/app/1603/ – barkai36 Feb 04 '18 at 09:53

Splunk drilldown search

0 Answers0