I have a use case to check how many new errors are logged into Splunk every day. I have to check against the previous day's logs and post only new logs. So, I want a way to read logs into my application.
Hi,
I know the search query. I can go directly to splunk>enterprise, type it, and get results. I want to do the above from an application (say, written in Node.js) that calls Splunk with the search query and gets the results.
Thanks
This may seem a bit too simplistic; however, I would run a search across two days along the lines of
search log-level=error | stats count as "totalerrors" by errorType| search totalerrors = 1
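The previous-day comparison this thread is after, as an added example that is not part of the original posts: it runs offline in Node.js over constructed events and reports error types seen today but not the day before, next to what a count-equals-1 filter over both days returns. The `time` and `errorType` field names, the dates and the sample error names are assumptions.

```javascript
// Constructed sample events (not real Splunk output); field names are assumptions.
const SAMPLE_EVENTS = [
  { time: "2024-05-01T09:12:00Z", errorType: "DbTimeout" },
  { time: "2024-05-01T17:40:00Z", errorType: "AuthFailure" }, // once, previous day only
  { time: "2024-05-02T08:03:00Z", errorType: "DbTimeout" },
  { time: "2024-05-02T10:15:00Z", errorType: "NullPointer" }, // new today, seen twice
  { time: "2024-05-02T10:16:00Z", errorType: "NullPointer" },
  { time: "2024-05-02T13:30:00Z", errorType: "CertExpired" }, // new today, seen once
];

// Count events per errorType for each UTC day (YYYY-MM-DD).
function countsByDay(events) {
  const days = new Map();
  for (const { time, errorType } of events) {
    const day = new Date(time).toISOString().slice(0, 10);
    if (!days.has(day)) days.set(day, new Map());
    const counts = days.get(day);
    counts.set(errorType, (counts.get(errorType) || 0) + 1);
  }
  return days;
}

// Error types present on `today` and absent on `previousDay`, with today's count.
function newErrors(events, previousDay, today) {
  const days = countsByDay(events);
  const before = days.get(previousDay) || new Map();
  const now = days.get(today) || new Map();
  return [...now]
    .filter(([type]) => !before.has(type))
    .map(([errorType, count]) => ({ errorType, count }))
    .sort((a, b) => a.errorType.localeCompare(b.errorType));
}

// Error types whose total over the whole window is exactly 1.
function seenExactlyOnce(events) {
  const totals = new Map();
  for (const { errorType } of events) {
    totals.set(errorType, (totals.get(errorType) || 0) + 1);
  }
  return [...totals].filter(([, n]) => n === 1).map(([type]) => type).sort();
}

console.log(newErrors(SAMPLE_EVENTS, "2024-05-01", "2024-05-02"));
console.log(seenExactlyOnce(SAMPLE_EVENTS));
```

On this sample the per-day comparison returns NullPointer and CertExpired, while the count-equals-1 filter returns AuthFailure and CertExpired.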
I want to run the above query from my application (say, Node.js) and get results as if I were going to the splunk>enterprise site and typing it. Is it possible?
Does Splunk provide an API to get search query results from another application?
If yes, how?
Thanks, tomawest