Alerting
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

How to see Alert search results in RSS feed

coresystems_scp
Engager
‎08-17-2011 05:15 AM

Hi,

I have created a Search that will display be some data, like number of sold license in the last 24 hours.
When running the search I can see the results in Splunk like this
ProductA 24
ProductB 10

But with RSS I don't see any search results, I just see that the query was running.

How can I see the search results in the RSS feed?

Thanks

Tags (2)
Reply

amit_saxena
Communicator
‎09-12-2013 10:38 AM

Hi,

I have successfully retrieved search results via RSS though indirectly. The steps for the same are as follows.

1) Extract RSS entry from RSS feed.
2) Extract the alert details and hence job name from RSS entry
3) Use REST API with this job name as input to get job results export in any format like rss, xml, json etc

Let me know if there are any queries.

Regards,
Amit Saxena

0 Karma
Reply

Ayn
Legend
‎08-17-2011 05:32 AM

Unfortunately there is currently no functionality for including search results in the RSS feed. This would be a great feature, so you should consider filing an ER for it.

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Event Series: Splunk Observability Metrics Cost Optimization

Balancing Scale and Spend: Gaining Control Over High-Volume Metrics in Splunk Observability Cloud As ...

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...

Deep insights, no barriers: Splunk Observability Cloud Free Edition

As software delivery cycles continue to accelerate, observability shouldn’t be a luxury — it should be a ...