Splunk Search

How to create hyperlink that directs to search query on Splunk dashboard?

REACHGPRAVEEN
Explorer

it should look like below 2 

search by employeeid(hyperlink)

search by app(hyperlink)

once clicked on above  hyperlinks it should open new search with search query

index = x  | search employeeid =123

index= x | search app = abc

@scelikok  @woodcock

Please help on this. Thanks in advance

Labels (2)
Tags (1)
0 Karma

tscroggins
Influencer

@REACHGPRAVEEN 

Assuming a base URL of https://splunk:8000/en-us/app/search, i.e. the search app on your Splunk search head, you can construct basic search URLs with the earliest, latest, and q query parameters:

https://splunk:8000/en-US/app/search/search?earliest=-24h%40h&latest=now&q=search%20index%3Dx%20employeeid%3D123 

https://splunk:8000/en-US/app/search/search?earliest=-24h%40h&latest=now&q=search%20index%3Dx%20app%3Dabc 

Basic URL encoding rules apply.

0 Karma

renoyzac
Observer

@tscroggins @REACHGPRAVEEN I'm facing a similar requirement. I tried appending my query to the q=search parameter as follows:

 

https://splunksearch.com/en-US/app/search/search? q=search index=xyz sourcetype=xyz

 

However, it only opens the Splunk Search window, the search query is not copy pasted in the search window. 

0 Karma

ITWhisperer
SplunkTrust
SplunkTrust

The URL should be encoded e.g. spaces should be replaced by %20

https://splunksearch.com/en-US/app/search/search?q=search%20index=xyz%20sourcetype=xyz
0 Karma

renoyzac
Observer

That worked. Thank you 🙂 

0 Karma
Get Updates on the Splunk Community!

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Enhance Security Operations with Automated Threat Analysis in the Splunk EcosystemAre you leveraging ...

Splunk Developers: Go Beyond the Dashboard with These .Conf25 Sessions

  Whether you’re building custom apps, diving into SPL2, or integrating AI and machine learning into your ...

Index This | How do you write 23 only using the number 2?

July 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this month’s ...