Re: JavaScript To create a saved search

qfjp · ‎07-23-2013

// Retrieve the collection of saved searches

var mySavedSearches = service.savedSearches();

// Specify a name and search query

var searchName = "Test Search";

// Note: Do not include the 'search' keyword for a saved search

var searchQuery = "* | head 10";

// Create the saved search

mySavedSearches.create({
name: searchName,
search: searchQuery
}, function(err, newSearch) {
console.log("A new saved search was created");
});

Do not know is that in the above function.
How do I set time and schedule?

jameshgibson · ‎07-23-2013

You need to set a few more options, here is an example that would schedule the job to run every 10mins over the previous month.

opts = { name: "searchname", 
         search: "* | head 10", 
         is_scheduled: 1, 
         cron_schedule: "*/10 * * * *",
         'dispatch.earliest_time': '-1mon@d',
         'dispatch.latest_time': 'now',
};


mySavedSearches.create(opts, function(err, newSearch) {
    console.log("created!");
});

jameshgibson · ‎07-25-2013

your welcome, please feel free to vote the answer up or accept 😉

qfjp · ‎07-24-2013

Thanks!! Were very helpful.

linu1988 · ‎07-23-2013

Please refer this documentation for the Savedsearch parameters:

_http://dev.splunk.com/view/SP-CAAAEKZ

JavaScript To create a saved search

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Data Management Digest – May 2026

Join the Conversation