I am trying to link users to a external page based on the table cell (contain url) clicked.
My drilldown code:
<link>
$click.value$
</link>
</drilldown>
E.g click.value = https://docs.google.com/document/d/ABCD/edit?usp=docslist_api
However, it returned an error page:
"Invalid view name requested "https://docs.google.com/document/d/ABCD/edit?usp=docslist_api" View names may only contain alphanumeric characters."
I know it is trying to search for a view called www.google.com in splunk.
Is there anything I missed out and how do I fix this?
if your field contains a full URL:
I ran smack into the "Invalid view name requested" issue today in Splunk Version 6.4.1 Build debde650d26e. Likewise, after much experimenting the only thing I could make work is to hard code a known valid url and append the search string from my $click.value$ as shown below.
<drilldown>
<condition field="My Field">
<link target="_blank">
http://<host>:<port>?paramName=$click.value$
</link>
</condition>
</drilldown>
where $click.value$ is paramValue specific to my app. However, in my app, the url varies by event, which is why it's included in the event. So this issue breaks my app. What my app needs to work correctly is the following:
<drilldown>
<condition field="My Field">
<link target="_blank">
$click.value$
</link>
</condition>
</drilldown>
where $click.value$ holds the complete url from the my event.
Has a defect been submitted on this? If not, how would I submit one? Please let me know. Thanks!
Hi nyp_kwyc,
from my point of view, it is better to use a CDATA link here like this:
<drilldown>
<link>
<![CDATA[ http://splunk-base.splunk.com/integrated_search/?q=$click.value$ ]]>
</link>
</drilldown>
Hope this helps ...
cheers, MuS
Hi MuS
Thanks for the suggestion
However my click.value contain a link like E.g http://www.google.com
And when i click on the cell to launch the drilldown url, the url is added behind my splunk domain
result the search to be
http://mysplunk.uk.to:8000/en-GB/manager/pageone/www.google.com
I realized if I add some random names in front of $click.value$
E.g https://$click.value$
It will be able to search externally -> https://http://www.google.com
Now I see, after some testing it looks like the code http://
inside the link
tag is the trigger for this to work. Easiest work around is to remove the leading http://
from your values like this:
| eval baz=ltrim(foo, "htps:/")
The Url that was redirected seems to have percent encode when the actual link in $click.value$ dosent have that.
Do you have any idea why is it so?
Hi nyp_kwyc,
Did you find a solution?
I have exactly the same problem. Experimented a lot (CDATA,urldecode,ltrim,replace...), but failed to find a solution. It's a very frustrating experience.
best regards
Andreas
Have the same issue, also experimented a lot without success unfortunately. Looks like token values are automatically url safe encoded making them unsuitable for complete url's.
See the docs here for more info: http://docs.splunk.com/Documentation/Splunk/6.2.1/Viz/tokens#Token_filters
Where they mention:
Filter=URL format: $token_name|u$
Description=Ensures that the token value is valid to use as a URL. Token values for the element < LINK > use this filter by default.
So looks like this behaviour is by design and cannot by overwritten AFAIK.
Sorry, but I don't. Maybe you can use urldecode
on it? http://docs.splunk.com/Documentation/Splunk/6.2.1/SearchReference/CommonEvalFunctions