My end goal is to show events in one table coming from multiple searches in real time. They all have the same fields. `appendcols` usually works but not in real-time.
My ideas were:
-Each of the real-time searches will append its results to the same CSV; a different search will display that CSV in real-time.
-Create a dashboard with a panel for each search, somehow dynamically combine them; or at least make them look combined.
There's possible a much simpler answer for this which I'm missing. Any help appreciated!
↧