
REST API request to fetch audit logs in Splunk Enterprise Security

Chandrashekharg
Engager

We are looking for an API request which fetches the audit logs/events performed by users in various applications.

0 Karma

isoutamo
SplunkTrust

Hi

Unfortunately, I don't know of any separate endpoint for getting Splunk audit logs.

But you could get those by using the search endpoint: https://docs.splunk.com/Documentation/Splunk/9.1.2/RESTREF/RESTsearch

Just create some saved searches which give you the needed information and then call those, or use ad hoc queries over the REST API.

r. Ismo
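
The approach described in the answer above, as an added example that is not part of the original thread and is not Splunk's own code: an ad hoc query against the `_audit` index, or a saved search, sent to the `search/jobs/export` REST endpoint on the management port. The host name, the `SPLUNK_BASE` and `SPLUNK_TOKEN` environment variables, the SPL string and the field list are assumptions.

```python
import json
import os
import urllib.parse
import urllib.request

# Assumed values: host, token variable, SPL and field list are illustrative.
SPLUNK_BASE = os.environ.get("SPLUNK_BASE", "https://splunk.example.com:8089")
AUDIT_SPL = "search index=_audit action=* | table _time user action info"

def build_export_request(base, token, spl, earliest="-24h", latest="now"):
    """POST to search/jobs/export, which runs the search and streams results."""
    body = urllib.parse.urlencode({
        "search": spl,  # ad hoc SPL must begin with "search" or "|"
        "earliest_time": earliest,
        "latest_time": latest,
        "output_mode": "json",
    }).encode()
    url = base.rstrip("/") + "/services/search/jobs/export"
    req = urllib.request.Request(url, data=body, method="POST")
    req.add_header("Authorization", "Bearer " + token)
    return req

def saved_search_spl(name):
    """SPL that runs an existing saved search through the same endpoint."""
    if '"' in name or "\\" in name:
        raise ValueError("unexpected character in saved search name")
    return '| savedsearch "{}"'.format(name)

def parse_export_lines(lines):
    """Yield final result rows from the newline-delimited JSON stream."""
    for raw in lines:
        line = raw.decode() if isinstance(raw, bytes) else raw
        if not line.strip():
            continue
        obj = json.loads(line)
        if not obj.get("preview") and "result" in obj:
            yield obj["result"]

def fetch_audit_events(base, token, spl=AUDIT_SPL):
    # urllib verifies TLS by default; trust the server's CA instead of disabling it.
    req = build_export_request(base, token, spl)
    with urllib.request.urlopen(req, timeout=60) as resp:
        return list(parse_export_lines(resp))

if __name__ == "__main__":
    for row in fetch_audit_events(SPLUNK_BASE, os.environ["SPLUNK_TOKEN"]):
        print(row.get("_time"), row.get("user"), row.get("action"), row.get("info"))
```

To call a saved search instead of the ad hoc query, pass `saved_search_spl("<your saved search name>")` as the `spl` argument.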
