Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Is there a way to paginate search results ?

lmeur
Engager
‎03-08-2011 04:12 PM

I'm able to limit number of results with "head ${number}" expression but what I need is to grab a page from a search job with REST Api (for example the 3rd page of 100 elements) to limit bandwith usage when we grab search results from Splunk REST Api.

Is there a way to do this with search language or Rest API or both ?

Ludovic.

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

sideview
SplunkTrust
SplunkTrust
‎03-08-2011 08:25 PM

in the API you can specify an offset argument, and a count argument, and that will do the paging for you.

http://www.splunk.com/base/Documentation/latest/Developer/RESTSearch

More Advanced:: If you ever want to do really complex things where you actually transform the result set and then paginate the transformed result set you can do that too although it requires a lot more familiarity with the system to avoid certain pitfalls. In that case when you are making your GET request to the results endpoint, you would use the 'search' argument. This is called a 'postprocess search' fwiw. And you can combine the search with the offset and count args as well I believe they place nice together.

http://www.splunk.com/base/Documentation/latest/Developer/RESTSearch

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

sideview
SplunkTrust
SplunkTrust
‎03-08-2011 08:25 PM

in the API you can specify an offset argument, and a count argument, and that will do the paging for you.

http://www.splunk.com/base/Documentation/latest/Developer/RESTSearch

More Advanced:: If you ever want to do really complex things where you actually transform the result set and then paginate the transformed result set you can do that too although it requires a lot more familiarity with the system to avoid certain pitfalls. In that case when you are making your GET request to the results endpoint, you would use the 'search' argument. This is called a 'postprocess search' fwiw. And you can combine the search with the offset and count args as well I believe they place nice together.

http://www.splunk.com/base/Documentation/latest/Developer/RESTSearch

0 Karma
Reply
Solved! Jump to solution

organus
Explorer
‎01-18-2018 07:30 AM

The link seems to be broken.

0 Karma
Reply
Get Updates on the Splunk Community!

Get the T-shirt to Prove You Survived Splunk University Bootcamp

As if Splunk University, in Las Vegas, in-person, with three days of bootcamps and labs weren’t enough, now ...

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Wondering How to Build Resiliency in the Cloud?

IT leaders are choosing Splunk Cloud as an ideal cloud transformation platform to drive business resilience,  ...