Getting Data In
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

accessing saved report data in json/xml from Splunk RESTful API

tommyp1972
New Member
‎06-13-2013 09:08 AM

I have tried to access a saved report through a browser URL using Splunk's RESTful API. I cannot seem to accomplish this. I am using my_domain:8089/servicesNS/my_user/my_app/ but from there I am lost. Where are the reports in the endpoints? I can't find anything in the documentation. I am using Splunk 4.3.6

Tags (3)
0 Karma
Reply

Neeraj_Luthra
Splunk Employee
Splunk Employee
‎06-13-2013 09:21 AM

All the end points are available on Splunk docs at http://docs.splunk.com/Documentation/Splunk/4.3.6/RESTAPI/RESTlist. A couple that you might find useful from this list - saved/searches/{name} and search/jobs/{search_id}/results.

We also have SDKs in 6 different languages. They make it much easier to hit these endpoints and get data from searches and reports from Splunk. You can can find more about the SDKs at http://dev.splunk.com/view/sdks/SP-CAAADP7.

Reply

Neeraj_Luthra
Splunk Employee
Splunk Employee
‎06-21-2013 11:33 AM

I don't think 4.x supports these but with 5.x and higher, following 2 URLs can be used from the browser for a quick check.

https://localhost:8089/services/search/jobs/oneshot?search=search%20index%3D_internal%20head%201

OR
https://localhost:8089/services/search/jobs/export?search=search%20index%3D_internal%20head%201

0 Karma
Reply

tommyp1972
New Member
‎06-13-2013 10:05 AM

OK. Thanks. I was just trying to access the report/saved search via the browser, not curl or php or whatever. Can this not be done just as a quick proof of concept? I found the saved search, not report, from your information above. However, it apepars that that is just to see the configuration or delete it or whatever. I just want the search's output. So I saw this->search/search/jobs/export/ . . . I just don't know how to feed it my search string. I see that your documentation provides Curl examples. But again I just want to do this in a browser with a http request.

0 Karma
Reply
Get Updates on the Splunk Community!

Buttercup Games: Further Dashboarding Techniques (Part 7)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...

Stay Connected: Your Guide to April Tech Talks, Office Hours, and Webinars!

What are Community Office Hours? Community Office Hours is an interactive 60-minute Zoom series where ...

Mastering Data Pipelines: Unlocking Value with Splunk

 In today's AI-driven world, organizations must balance the challenges of managing the explosion of data with ...
Top