Hi,
First time poster here been lurking for too long and I just can't seem to understand where I am going wrong here...
I have created a cluster map that displays the frequency of observed comms with 'bad IPs' . I want to to run a search that will return any IPs that have communicated with the selected bad ip on click, however I'm having an issue unsetting the token for a drilldown, although I am not getting any errors in the XML. It is constantly set at the first value I ever clicked on.
Can anyone see any errors related to the unset in my XML?
Thanks for your help in advance.
Blacklisted IPs Observed