Hi axl88,
I don't follow you, because the question is: click on ref values, so redirects to the ref website directly, like www.fortigate.com. (How do I to redirect for website? )
I did a workaround using xml tag drilldown .
so, look at my xml configuration:
Malware Analysis
index=firewall sourcetype=fortigate "subtype=infected" pri=warning host="abc.abc.abc.abc" | rex field=ref "http://www.fortinet.com/(?<ref_id>.*)" | table user, src, dst, dst_port, file, virus, url, ref_id | rename user as "Username" src as "IP Source ", dst as "IP Destination ", dst_port as "Port Destination" "
<earliestTime>-24h@h</earliestTime>
<latestTime>now</latestTime>
<drilldown>
<link>http://www.fortinet.com/$row.ref_id$</link>
</drilldown>
<option name="wrap">true</option>
<option name="rowNumbers">false</option>
<option name="dataOverlayMode">none</option>
<option name="drilldown">cell</option>
<option name="count">10</option>
</table>
I hope to help all.
cheers!
... View more