How to create hyperlink that directs to search que...

REACHGPRAVEEN · ‎02-19-2021

it should look like below 2

search by employeeid(hyperlink)

search by app(hyperlink)

once clicked on above hyperlinks it should open new search with search query

index = x | search employeeid =123

index= x | search app = abc

@scelikok @woodcock

Please help on this. Thanks in advance

tscroggins · ‎02-20-2021

@REACHGPRAVEEN

Assuming a base URL of https://splunk:8000/en-us/app/search, i.e. the search app on your Splunk search head, you can construct basic search URLs with the earliest, latest, and q query parameters:

https://splunk:8000/en-US/app/search/search?earliest=-24h%40h&latest=now&q=search%20index%3Dx%20employeeid%3D123

https://splunk:8000/en-US/app/search/search?earliest=-24h%40h&latest=now&q=search%20index%3Dx%20app%3Dabc

Basic URL encoding rules apply.

renoyzac · ‎04-25-2022

@tscroggins @REACHGPRAVEEN I'm facing a similar requirement. I tried appending my query to the q=search parameter as follows:

https://splunksearch.com/en-US/app/search/search? q=search index=xyz sourcetype=xyz

However, it only opens the Splunk Search window, the search query is not copy pasted in the search window.

ITWhisperer · ‎04-25-2022

The URL should be encoded e.g. spaces should be replaced by %20

https://splunksearch.com/en-US/app/search/search?q=search%20index=xyz%20sourcetype=xyz

renoyzac · ‎04-27-2022

That worked. Thank you 🙂

How to create hyperlink that directs to search query on Splunk dashboard?

search job inspector

stats

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

What’s New in Splunk Observability – September 2025

Fun with Regular Expression - multiples of nine

Are you a member of the Splunk Community?