REST API search issue in Postman

Getting Data In

I have the Authorization figured working, but every time I run a search, I get the following error:
(NOTE the AAA/BBB/nnn stuff is just to mask actual values in this post)

<messages>
        <msg type="DEBUG">Configuration initialization for /var/splunkhot/splunk/etc took 112ms when dispatching a search (search ID: 1556216662.24755_33CF52FC-F282-491A-875E-F8EC1EB01F4C)</msg>
        <msg type="DEBUG">Invalid eval expression for 'EVAL-url_length' in stanza [pan:threat]: The expression is malformed. Expected LIKE.</msg>
        <msg type="DEBUG">base lispy: [ AND host::AAAAAAA source::/app/jboss/BBBBBB/log/server.log ]</msg>
        <msg type="DEBUG">search context: user="nnnnnnn", app="search", bs-pathname="/var/splunkhot/splunk/etc"</msg>
    </messages>

The actual search I have in the body of the POST is:

search=search+host%3DAAAAAAA+source%3D%2Fapp%2Fjboss%2BBBBBB%2Flog%2Fserver.log+%7C+search+ERROR+earliest%3D-4h

I've even done just a SIMPLE search:

search=search+host%3DAAAAAAA

and I STILL get an error.

Any ideas what the issue is??

Get Updates on the Splunk Community!

Community Content Calendar, September edition

Welcome to another insightful post from our Community Content Calendar! We're thrilled to continue bringing ...

Splunkbase Unveils New App Listing Management Public Preview

Splunkbase Unveils New App Listing Management Public PreviewWe're thrilled to announce the public preview of ...

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Are you leveraging automation to its fullest potential in your threat detection strategy?Our upcoming Security ...

Are you a member of the Splunk Community?