Join the Conversation
- Find Answers
- :
- Splunk Administration
- :
- Admin Other
- :
- Knowledge Management
- :
- How to extend the Event Options Menu
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I want to extend the Event Options Menu which is located beside the result records.
The idea is to add a link containing some data from the result record beside which the menu is located.
When clicking on the extra menu item the link should open in a new browser tab.
Is this achievable with relatively limited effort?
Example for Illustration
I a result record contains the field userid then the Event Options Menu should contain an item Display in XYZ which would invoke a URL like https://some_domain/display_user?date=20140203&userid=12434233433
The date would be derived from _time and userid from a field in the results, e.g. customer_id.
While the Event Options Menu is appealing for this enhancement, I am open to other suggestions too
The HTML of that menu (without any modifications):
<div class="outerMenuWrapper splShadow splMenu splMenu-primary" style="display: none; top: 411px; left: 243px;">
<ul>
<div class="innerMenuWrapper">
<li class=""><a href="/en-US/etb?sid=1399554203.68&offset=0&namespace=search"
tabindex="-1" class="menuItemLink" target="_blank">Build Eventtype</a></li>
<li class=""><a href="/en-US/ifx?sid=1399554203.68&offset=0&namespace=search"
tabindex="-1" class="menuItemLink" target="_blank">Extract Fields</a></li>
<li class=""><a href="/en-US/app/search/show_source?sid=1399554203.68&offset=0&latest_time="
tabindex="-1" class="menuItemLink" target="_blank">Show Source</a></li>
</div>
</ul>
</div>
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The answer to this question is actually the same as for the field menu: this can be achieved using workflow actions.
(Credits to bwooden)
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The answer to this question is actually the same as for the field menu: this can be achieved using workflow actions.
(Credits to bwooden)
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How about achieving the same using drilldowns?
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions
Splunk Community Badges!
[Puzzles] Solve, Learn, Repeat: Matching cron expressions
