Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How come our API results are only returning the first 100 results for metadata?

aksharp
Explorer
‎03-04-2019 10:22 AM

I'm trying to get the number of hosts reporting to Splunk via API, but the a normal curl -k is only able to return 100 results.

I tried adding the "count=0" parameter, but it just gives me 100 and cannot go further.

My search strings below.

curl -u user:passwd -k https://XXXX:8089/services/search/jobs -d search="metadata%20type%3Dhosts"
url -u user:passwd -k https://XXXX:8089/services/search/jobs/md_1551723351.24391/results?output_mode=csv&count=0

Any help is appreciated

Labels (1)
Labels
0 Karma
Reply

vandelin
New Member
‎05-26-2020 09:37 AM

This is how I got mine to work, not sure the difference between mine and yours, but this worked for me
curl -k -u 'username:password' "https://api.company.com:443/services/search/jobs/$sidkey/results?count=0&output_mode=csv"

my sidkey is just the sid within a variable , change it to a valid sid

0 Karma
Reply

somesoni2
Revered Legend
‎03-04-2019 10:40 AM

Try like this

curl -k -u user:passwd -k https://XXXX:8089/services/search/jobs/md_1551723351.24391/results --get  -d count=0 -d output_mode=json

Reference: https://docs.splunk.com/Documentation/Splunk/6.2.6/RESTREF/RESTsearchExamples#search.2Fjobs.2F.7Bsea...

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk APM & RUM | Upcoming Planned Maintenance

There will be planned maintenance of the streaming infrastructure for Splunk APM and Splunk RUM in the coming ...

Part 2: Diving Deeper With AIOps

Getting the Most Out of Event Correlation and Alert Storm Detection in Splunk IT Service Intelligence   Watch ...

User Groups | Upcoming Events!

If by chance you weren't already aware, the Splunk Community is host to numerous User Groups, organized ...