Developing for Splunk Enterprise

How to Get Saved Searches by Owner Through REST API?

koocies
Path Finder

I see the EAI:ACL documentation mentions that an owner flag can be set. can this be used for getting saved searches based on the owner?
so far with curl I have not gotten the results as excepted (the owner is ignored)

If someone knows can you please give me an example?

here is my curl:

curl-k -u john:Password http://localhost:8089/servicesNS/-/app/saved/searches&eai:acl.owner=john

Labels (1)
0 Karma
1 Solution

koocies
Path Finder

Solution is to use the search parameter in the HTTP request:

curl-k -u john:Password http://localhost:8089/servicesNS/-/app/saved/searches?search=eai:acl.owner%3Djohn

 

I honestly don't understand why the username endpoint is used. a '-' for any then using search parameter to narrow down to the owner of saved searches works. 

View solution in original post

0 Karma

koocies
Path Finder

Solution is to use the search parameter in the HTTP request:

curl-k -u john:Password http://localhost:8089/servicesNS/-/app/saved/searches?search=eai:acl.owner%3Djohn

 

I honestly don't understand why the username endpoint is used. a '-' for any then using search parameter to narrow down to the owner of saved searches works. 

0 Karma

richgalloway
SplunkTrust
SplunkTrust

Try

curl-k -u john:Password http://localhost:8089/servicesNS/john/app/saved/searches
---
If this reply helps you, an upvote would be appreciated.
0 Karma

koocies
Path Finder

this returns saved search owned by nobody and the user. It does not seem to filter to the user alone

0 Karma
*NEW* Splunk Love Promo!
Snag a $25 Visa Gift Card for Giving Your Review!

It's another Splunk Love Special! For a limited time, you can review one of our select Splunk products through Gartner Peer Insights and receive a $25 Visa gift card!

Review:





Or Learn More in Our Blog >>