The purpose of this chrome extension is to help analysts using Splunk, by enabling them to access their favorite queries by selecting some text and picking a saved query from the right click menu.
It works by grabbing an active Splunk query using the url from an active Splunk page and saving it after you name it and define a variable using $$$ on either side.
- Grab the query using the "Grab query button" accessible from the Rtsknulps icon in the toolbar.
- Locate and mark your variable in the query url using $$$ on either side.
- Name your query.
- Save using the "Save query button".
Ex. Grab and edit "long splunk query containing my variable user name rest of query". Add $$$ on either side of your variable resulting in: "long splunk query containing my variable $$$user name$$$ rest of query.
The plan is to get Rtsknulps into the chrome web store as a free and open source extension, but until then you can install this extension manually in developer mode.
Here is how to do it:
- Download as ZIP from Github and extract it.
- Visit chrome://extensions/ in your chrome browser and toggle developer mode on (top right).
- Click on "Load unpacked extension..." and choose the directory you extracted from the ZIP.