Dashboards & Visualizations
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to provide time frame for the search and export format when posting to /search/jobs/export using PostMan ?

ebeid
New Member
‎12-11-2017 08:53 AM

I'm doing search through postman to search against https://DomainName:8089/services/search/jobs/export
I do a POST call with this payload search=search%20index%3DINDEXNAME%20QUERY
It is working fine but I have two issues:

  1. I don't know how to provide time range for the search.
  2. I need the results in JSON format, not XML
0 Karma
Reply

sbbadri
Motivator
‎12-11-2017 12:57 PM

@ebeid

1) time frame: search=search%20index%3DINDEXNAME%20index_earliest =-2d%20index_latest =now%20QUERY
2) outputmode json: search=search%20index%3DINDEXNAME%20index_earliest =-2d%20index_latest =now%20output_mode=json%20QUERY
outputmode xml: search=search%20index%3DINDEXNAME%20index_earliest =-2d%20index_latest =now%20output_mode=xml%20QUERY

by default results will be xml

check below link,

http://docs.splunk.com/Documentation/Splunk/7.0.1/RESTREF/RESTsearch#search.2Fjobs.2Fexport

i hope this helps

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...