Re: How to see Alert search results in RSS feed

coresystems_scp · ‎08-17-2011

Hi,

I have created a Search that will display be some data, like number of sold license in the last 24 hours.
When running the search I can see the results in Splunk like this
ProductA 24
ProductB 10

But with RSS I don't see any search results, I just see that the query was running.

How can I see the search results in the RSS feed?

Thanks

amit_saxena · ‎09-12-2013

Hi,

I have successfully retrieved search results via RSS though indirectly. The steps for the same are as follows.

1) Extract RSS entry from RSS feed.
2) Extract the alert details and hence job name from RSS entry
3) Use REST API with this job name as input to get job results export in any format like rss, xml, json etc

Let me know if there are any queries.

Regards,
Amit Saxena

Ayn · ‎08-17-2011

Unfortunately there is currently no functionality for including search results in the RSS feed. This would be a great feature, so you should consider filing an ER for it.

How to see Alert search results in RSS feed

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future

Join the Conversation