Building for the Splunk Platform

How do I read logs from splunk>enterprise into my application?

raju4789
New Member

I have a use case to check how many new errors are logged into Splunk every day. I have to check against the previous day's logs and post only new logs. So, I want a way to read logs into my application.

0 Karma

raju4789
New Member

Hi,
I know the search query. I can go directly to splunk>enterprise, type it, and get results. I want to do the above from an application (say, written in Node.js) that calls Splunk with the search query and gets the results.

Thanks

0 Karma

tomawest
Path Finder

This may seem a bit too simplistic; however, I would run a search across two days along the lines of:

search log-level=error | stats count as "totalerrors" by errorType| search totalerrors = 1

0 Karma

raju4789
New Member

search log-level=error | stats count as "totalerrors" by errorType| search totalerrors = 1

I want to run the above query from my application (say, Node.js) and get results as if I were going to the splunk>enterprise site and typing it. Is it possible?

Does Splunk provide an API to get search query results from another application?

If yes, how?

Thanks, tomawest

0 Karma
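The thread asks whether a search can be run from another application. As an added example (not part of any post above, and not Splunk's own code), this Node.js code sends the thread's search to the Splunk REST export endpoint and parses the streamed JSON rows. The host, the bearer token, the two-day time window and the sample response body are assumptions constructed for illustration.

```javascript
// Added example: the search from the thread, sent through Splunk's REST API.
const SPL = 'search log-level=error | stats count as "totalerrors" by errorType | search totalerrors = 1';

// Build the POST for the export endpoint on the management port (8089 by default).
// Assumes token authentication is enabled; the time window is an assumption.
function buildExportRequest(baseUrl, token, spl, earliest = '-2d@d', latest = 'now') {
  const body = new URLSearchParams({
    search: spl, // must begin with a generating command such as "search"
    earliest_time: earliest,
    latest_time: latest,
    output_mode: 'json',
  });
  return {
    url: new URL('/services/search/jobs/export', baseUrl).toString(),
    options: {
      method: 'POST',
      headers: {
        Authorization: `Bearer ${token}`,
        'Content-Type': 'application/x-www-form-urlencoded',
      },
      body: body.toString(),
    },
  };
}

// The export endpoint streams one JSON object per line.
// Keep final rows only: skip preview rows and the row-less end marker.
function parseExportBody(text) {
  const rows = [];
  for (const line of text.split('\n')) {
    if (!line.trim()) continue;
    const msg = JSON.parse(line);
    if (msg.preview === false && msg.result) rows.push(msg.result);
  }
  return rows;
}

// Needs Node 18+ for the global fetch. TLS verification stays enabled.
async function runSearch(baseUrl, token, spl = SPL) {
  const { url, options } = buildExportRequest(baseUrl, token, spl);
  const res = await fetch(url, options);
  if (!res.ok) throw new Error(`Splunk returned HTTP ${res.status}`);
  return parseExportBody(await res.text());
}

// Constructed sample of an export response body (not real Splunk output).
const SAMPLE_BODY = [
  '{"preview":true,"offset":0,"result":{"errorType":"TimeoutError","totalerrors":"1"}}',
  '{"preview":false,"offset":0,"result":{"errorType":"TimeoutError","totalerrors":"1"}}',
  '{"preview":false,"offset":1,"lastrow":true,"result":{"errorType":"AuthFailure","totalerrors":"1"}}',
].join('\n');
```

Keep the token in an environment variable or secret store rather than in source, and give it a role limited to the indexes the search needs. If the management port presents a certificate from a private CA, add that CA to Node's trust store (for example through `NODE_EXTRA_CA_CERTS`) instead of turning certificate checks off.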