Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How do you name a splunk index when making the index?

obesechicken13
Explorer
‎09-11-2012 01:43 PM

Hi. I'm trying to recreate a splunk index. The index exists in the http search url. https://splunk.mycompany.com/en-US/app/launcher/home

But not in the restapi search head
https://stuff_splunk-search05:8089/services/search/jobs/export

So then I thought, one way to automate getting the data I want from the search head is just to reverse engineer the index from the http search url.
http://dev.splunk.com/view/SP-CAAADQT

The other would be to upload a script to splunk and then run it on a schedule but that's also something I don't know how to do.

I've never made an index. Before I asked someone in my company I just wanted to quickly ask here, how do you set the name of an index? It wasn't too explicit in the instructions.

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

obesechicken13
Explorer
‎09-13-2012 10:29 AM

So mr. obesechicken13. It seems your search head does not have the same data as the splunk server has. There's no way to automate getting the data that you want.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

obesechicken13
Explorer
‎09-13-2012 10:29 AM

So mr. obesechicken13. It seems your search head does not have the same data as the splunk server has. There's no way to automate getting the data that you want.

0 Karma
Reply
Solved! Jump to solution

obesechicken13
Explorer
‎09-13-2012 10:29 AM

thanks mr. obesechicken13

0 Karma
Reply
Solved! Jump to solution

obesechicken13
Explorer
‎09-12-2012 11:45 AM

haha. not yet. I'll report back when I solve it.

0 Karma
Reply
Solved! Jump to solution

Ayn
Legend
‎09-11-2012 10:11 PM

Did you solve your issue? Your question confuses me, but if you got it sorted out, great. 🙂

0 Karma
Reply
Solved! Jump to solution

sdaniels
Splunk Employee
Splunk Employee
‎09-11-2012 01:46 PM

You can create indexes in Manager > Indexes. Then when you create inputs you'll assign your newly create index.

http://docs.splunk.com/Documentation/Splunk/latest/admin/Setupmultipleindexes#Create_and_edit_indexe...

Reply
Solved! Jump to solution

obesechicken13
Explorer
‎09-11-2012 02:04 PM

Thanks. I don't have permission to access the indexes from there though, and it wouldn't help if I did. I'm using a different account with different permissions through the rest api.

0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...