Splunk ITSI
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to direct users to the ITSI Episode Review dashboard from the drill-down link?

m_kostiew
Engager
‎11-25-2019 07:41 AM

I have a "normal" dashboard created that pulls together some ITSI data for my end users. In the table of the dashboard, I want to make it so the drill-down link will direct users to the ITSI Episode Review dashboard instead of the usual, traditional search, and for the specific grouped notable event, not just the dashboard itself.

I've used the event_identifier_hash, service ID(s), and the event_id values from the notables, in many variations of the URL; I can't seem to get the URL pinned down to that unique event/notable.

Is it even possible?

Thanks!

Labels (1)
Labels
0 Karma
Reply

Fouad
Loves-to-Learn Lots
‎09-23-2020 01:09 AM

same problem here, any updates?

0 Karma
Reply

wsveum
Explorer
‎01-03-2024 01:00 AM

I suppose you have found a solution to this by now. But if not, here is how i solved it by using the itsi_group_id field from index=itsi_grouped_alerts:

https://<your_splunk_instance>/en-GB/app/itsi/itsi_event_management?earliest=-24h&episodeid=$result....

I used this to make a link from ServiceNow directly to the episode in ITSI Alerts and Episodes.

In the Configure Action part of the Create/update ServiceNow Incident in the NEAP, i put the following in Custom Fields to make the link:

comments=[code]<a href="https://<your_splunk_instance>/en-GB/app/itsi/itsi_event_management?earliest=-24h&episodeid=$result.itsi_group_id$" target="_blank">Link to Splunk ITSI Alerts and Episodes<br></a>[/code]

 

0 Karma
Reply

skramp
SplunkTrust
SplunkTrust
‎01-30-2024 12:22 AM

If you have the episodeID, you can link directly to it:

https://YOURSPLUNKSERVER:8000/en-US/app/itsi/itsi_event_management?earliest=-7d%40h&latest=now&form....

Please be aware of the time span, if episode is older than 7d it won't be found because in THIS link -7d is set.

0 Karma
Reply
Get Updates on the Splunk Community!

New Case Study Shows the Value of Partnering with Splunk Academic Alliance

The University of Nevada, Las Vegas (UNLV) is another premier research institution helping to shape the next ...

How to Monitor Google Kubernetes Engine (GKE)

We’ve looked at how to integrate Kubernetes environments with Splunk Observability Cloud, but what about ...

Index This | How can you make 45 using only 4?

October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...