Dashboards & Visualizations
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to provide time frame for the search and export format when posting to /search/jobs/export using PostMan ?

ebeid
New Member
‎12-11-2017 08:53 AM

I'm doing search through postman to search against https://DomainName:8089/services/search/jobs/export
I do a POST call with this payload search=search%20index%3DINDEXNAME%20QUERY
It is working fine but I have two issues:

  1. I don't know how to provide time range for the search.
  2. I need the results in JSON format, not XML
0 Karma
Reply

sbbadri
Motivator
‎12-11-2017 12:57 PM

@ebeid

1) time frame: search=search%20index%3DINDEXNAME%20index_earliest =-2d%20index_latest =now%20QUERY
2) outputmode json: search=search%20index%3DINDEXNAME%20index_earliest =-2d%20index_latest =now%20output_mode=json%20QUERY
outputmode xml: search=search%20index%3DINDEXNAME%20index_earliest =-2d%20index_latest =now%20output_mode=xml%20QUERY

by default results will be xml

check below link,

http://docs.splunk.com/Documentation/Splunk/7.0.1/RESTREF/RESTsearch#search.2Fjobs.2Fexport

i hope this helps

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...