All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

REST Response Handler in Addon Builder.

ansif
Motivator
‎05-18-2020 05:42 PM

Hi All,

Is there an option to handle API returned json data using Addon Builder?

I want to sort a field in descending order and create a checkpoint against it.

API doesn't have a feature/Method to sort by field.

And one more question,if I do checkpoint using the sorted timestamp field, checkpoint always get events greater than the timestamp? Because API doesn't have a feature to include >timestamp field.

My requirement is:

Call the end point and index only unique values. Everytime I make a call , getting whole events again and again. The API is very basic and doesn't have some kind of filters and sorts.

There is a timestamp field exist in the results that I can use in search to get dedup values but the license consumption is lot since we are getting same data again and again.

Thanks

0 Karma
Reply

pmeyerson
Path Finder
‎07-30-2020 06:56 PM

You can bring all the data in, and | dedup your search in Splunk, or use some custom python code with Add-On Builder... its not "out of the box" per se, but add-on builder would allow you to setup that customization yourself.

0 Karma
Reply

damode
Motivator
‎07-14-2020 11:16 PM

Were you eventually get it fixed ?

0 Karma
Reply
Get Updates on the Splunk Community!

Observability | How to Think About Instrumentation Overhead (White Paper)

Novice observability practitioners are often overly obsessed with performance. They might approach ...

Cloud Platform | Get Resiliency in the Cloud Event (Register Now!)

IDC Report: Enterprises Gain Higher Efficiency and Resiliency With Migration to Cloud  Today many enterprises ...

The Great Resilience Quest: 10th Leaderboard Update

The tenth leaderboard update (11.23-12.05) for The Great Resilience Quest is out >> As our brave ...