#   Version 6.2.3
#
#
# This file contain descriptions of stanzas and attribute/value pairs
# for configuring search-assistant via searchbnf.conf
#
# There is a searchbnf.conf in $SPLUNK_HOME/etc/system/default/.  It
# should not be modified.  If your application has its own custom
# python search commands, your application can include its own
# searchbnf.conf to describe the commands to the search-assistant.
#
# To learn more about configuration files (including precedence)
# please see the documentation located at
# http://docs.splunk.com/Documentation/Splunk/latest/Admin/Aboutconfigurationfiles

# GLOBAL SETTINGS
# Use the [default] stanza to define any global settings.
#     * You can also define global settings outside of any stanza, at the top of the file.
#     * Each conf file should have at most one default stanza. If there are multiple default
#       stanzas, attributes are combined. In the case of multiple definitions of the same
#       attribute, the last definition in the file wins.
#     * If an attribute is defined at both the global level and in a specific stanza, the
#       value in the specific stanza takes precedence.


##################
# getkpisearch
##################
[getkpisearch-command]
syntax = getkpisearch (getkpisearch-serviceId-option=<string>) (getkpisearch-kpiId-option=<string>) (getkpisearch-searchField-option=<string>)
description = Gets the value for a kpi search field. Must specify service id, kpi id, and search field.
shortdesc = Gets the value for a kpi search field.
comment1 = Get the value for the search_alert field for the provided serviceId and kpiId
example1 = | getkpisearch serviceId=splunk_service kpiId=95d37d9f2d4c38971f7ce424 searchField=search_alert
usage = public
tags = kpi kpisearch field

[getkpisearch-serviceId-option]
syntax = serviceId=<string>
description = The ID of the service that KPI belongs to.

[getkpisearch-kpiId-option]
syntax = kpiId=<string>
description = The ID of the KPI that the search field belongs to.

[getkpisearch-searchField-option]
syntax = searchField=<string>
description = The search field to get the value of from the provided KPI.

[setseverityfields-command]
syntax = setseverityfields
description = Sets alert_severity, alert_level, alert_color, alert_value, alert_entity fields; serviceid and kpiid fields must be passed as argument.
shortdesc = Sets alert_* fields for a KPI.
tags = kpi