The following example demonstrates the step to add sources, granularity and search term to a widget using User Inputs:
Step I: Sources Input
The following input retrieves a list of logs defined in XpoLog under the 'XpoLog System Log' folder to be selected and combined in the search:
Result in Dashboard:
Query Used:
* in [XI:sources]| count | interval 1 hour | display count as events over time
Upon selection the query will run only on the selected log(s).Step II: Granularity Input
The following input displays a list of granularity options to be selected and combined in the search:
(Note if a default is not selected, the widget will wait to a selection to display the result)
Result in Dashboard:
Query Used:
* in [XI:sources]| count | interval [XI:interval] | display count as events over time
Upon selection of sources the query will run only on the selected log(s) and upon selection of granularity the result will be displayed in the specified granularityStep III: Search Term Input
The following input displays a search term to be combined in the search if entered:
(Note if a default is not specified, the widget will use * as the search term)
Result in Dashboard:
Query Used:
[XI:search] in [XI:sources]| count | interval [XI:interval] | display count as events over time
Upon entering a search term it will be used in the query, upon selection of sources the query will run only on the selected log(s) and upon selection of granularity the result will be displayed in the specified granularity
Result:
The dashboard will now be loaded with the default values and will display the list of User Inputs to provide users with the ability to modify parameters and reload dashboard based on their selection.
For example - here's a view of the same dashboard on the last 1 hour, on a specific log (xpologlog) in Minutes interval and searching for only 'error or fail*' in that logs: