Solved: How to open an extracted URI field through drilldo...

zacksoft · ‎05-19-2020

In my dashboard, I have a tabular representation of a panel that shows some extracted value of the events in columns such as _time, address.
Example :
_time Address
03:34 https://www.rediff.com
03:45 https://www.rediff.com
03:47 https://www.yahoo.com

I enabled the drilldown option in the XLM editor so that when I click on row 1 it should redirect and open www.rediff.com etc..

I did this, but it won't work

<drilldown>
          <link>$row.address$</link>
   </drilldown>

Sfry1981 · ‎05-19-2020

try using this in the drilldown instead

<drilldown>
  <link target="_blank">$click.value2|n$</link>
</drilldown>

View solution in original post

Sfry1981 · ‎05-19-2020

try using this in the drilldown instead

<drilldown>
  <link target="_blank">$click.value2|n$</link>
</drilldown>

zacksoft · ‎05-19-2020

Thank you. it helped.
I actually have more than 2 columns ... and Is it possible to configure so that if I click on that row (on any cell I choose), it would redirect me to the Address value ?
Currently I have to click on "Address" column's cell to be able to re-direct to the page.

Sfry1981 · ‎05-20-2020

@zacksoft

All you would need to do is go into the source data and in the xml where it shows the below:

<option name="drilldown">cell</option>

change to

<option name="drilldown">row</option>

that will make the whole row clickable instead of just a cell

How to open an extracted URI field through drilldown option ?

drilldown

simple XML

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

May 2026 Splunk Expert Sessions: Security & Observability

Join the Conversation