I have a dashboard with a drop-down selector and a free text field, and an inputlookup file. I want results of a panel query to show items from the lookup file if some SPECIFIC fields match temp variable OR if any field matches $TokFree$.
In the query below, if I use SEARCH command, it correctly matches against the "all fields" part (which uses the RAW coalesce). If I use WHERE, then, it correctly works for the SiteID_ISS field. In other words, how do I make the WHERE command match against the $Tok_freeText$ field (which it ignores) or how do I make the SEARCH command correctly evaluate "temp" as a variable rather than a string?
| inputlookup list.csv
| eval raw=""
| eval temp="STR3722"
| foreach * [ eval raw=raw.",".coalesce('<>',"") ]
| search (raw="*$Tok_freeText$*") OR (SiteID_ISS=temp)
| fields - raw
I need logic that does this:
(
| search raw="*$Tok_freeText$*"
OR
| where SiteID_ISS=temp
)
As usual, it's one of those moments where I've spent far too much time trying to get it to work, and I ought to have moved on to other things by now!
↧