Solved: Link to a file in search results

srinisub · ‎09-05-2017

I have a zip file uploaded into Splunk. This zip file contains a files.csv file and some file attachments stored in files/ . Here's a sample record in files.csv.

File Id      File Name            File Path 
101704839   Ready_AHV.png       files/102231960.png

If I search for Ready_AHV.png, I get the above search result. What I am looking for is a link to the file path, so when I click on the link, it opens the file attachment. Let me know if there is a way to do this.

jkat54 · ‎09-05-2017

There's not a way to do this out of the box with Splunk. If you were to run Apache on the same box and put the files on a VirtualHost (in layman, that's Apache terminology for a website), then you could make the results look like this:

http://splunkserver:{VirtualHostPort}/path/to/file

And make that a hyperlink or drill down on a dashboard so that when the user clicks, it opens a new browser window and downloads the file.

View solution in original post

jkat54 · ‎09-05-2017

There's not a way to do this out of the box with Splunk. If you were to run Apache on the same box and put the files on a VirtualHost (in layman, that's Apache terminology for a website), then you could make the results look like this:

http://splunkserver:{VirtualHostPort}/path/to/file

And make that a hyperlink or drill down on a dashboard so that when the user clicks, it opens a new browser window and downloads the file.

Link to a file in search results

Preparing your Splunk Environment for OpenSSL3

Unleash Unified Security and Observability with Splunk Cloud Platform

Splunk AppDynamics with Cisco Secure Application