Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to drilldown link to compose a message passed the clicked value to the recipient field

johnward4
Communicator
‎10-29-2018 10:51 AM

I have a dashboard for my ticketing system. Main panel shows a Timechart span=1mon for tickets by category (past 6 months). I have a drilldown panel to show me the top users for each category within the month you select.

In this drilldown panel, I have a table that shows .... User, Manager_Email, Count

I'm asking how can I add a drilldown on the Manager_Email field to send an email passing this field value as the recipient. Extra would be to Add a default subject line and pass the User field there, e.g. $selectUser$ has generated $selectCount$ tickets for $selectCategoryName$.

Main Panel Query : 

index=ticketsys TicketID=* sourcetype="tickets"
| dedup TicketID 
| timechart span=1mon count by CategoryName useother=f usenull=f

Drilldown to Top Users by User for Month : 

index=ticketsys TicketID=* CategoryName="$selectCatName$" sourcetype="tickets"  
| eval srchMonth=strftime(_time,"%m") 
| search srchMonth=$selectTime$
| dedup TicketID 
| stats count by CategoryName, contact, ManagerUsername
| strcat ManagerUsername "@gmail.com" Manager_Email
| rename contact as Requester 
| head 10
| table CategoryName, Requester, Manager_Email, count
| sort - count
0 Karma
Reply

renjith_nair
Legend
‎10-29-2018 10:58 PM

@johnward4,
You shall try using drilldown 'search' to send a mail using sendmail command if that works for you.

Select drilldown from the table and link to search. use custom search and use the tokens inside 

|makeresults| sendemail to=example@splunk.com server=mail.example.com subject="Information about ticket count generated by $selectUser$" message=" $selectUser$ has generated $selectCount$ tickets for $selectCategoryName$."

http://docs.splunk.com/Documentation/Splunk/7.2.0/Viz/DrilldownLinkToSearch

---
What goes around comes around. If it helps, hit it with Karma 🙂
0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...