I have a bit of a non-standard Splunk question. I've been asked by a customer to have a button next to each result in a "dashboard" that would allow a user to click on it.
This button would run a shell script which will generate a helpdesk ticket (already works via alerts for specific searches).
The purpose of this is to quickly allow analysts to only create tickets for incidents as required.
The issues I see for this are:
Button creation with appropriate HTTP link parameters when clicked. I'm not sure even with the use of sideutils that this is even possible.
Calling the shell script from the web page only using Splunk. I could achieve the same results using another CGI web service, but as this is Splunk-specific I would rather not have to install and configure another system for just a single function. I haven't seen any way to directly call a splunk/bin/****.sh, with the possible exception of having a very narrow search that would always trigger. So perhaps the button could run a scheduled search with an always alert.
Confusing request but I'm not sure how else to phrase this.
Ideas?
Edit: additional information. I'm looking to do a SOAP XML call with information provided by the search. URLs with parameters will possibly not work in this situation, so I'm not sure what I can do.