Expose Splunk Report via Azure API

Path Finder

Hi all.

I have a report set up in Splunk producing a visualisation we're embedding on our website.

A member of the public has asked if they can instead get the raw data in JSON format. I don't want to create them a user in the system, and I'd really rather link them through our Azure API portal, where we have our other API end points for retrieving customer data.

So, what I'm really wanting to do is work out how I can get the scheduled report data out of Splunk and into the Azure API.

I'm aware this is not a pure Splunk data, but TBH, I thought people here would be most likely to have the most experience, especially as I seem to need to 2-step the REST queries to find the search IDs and then get the results and....  It all ended up being quite a lot more complicated than I expected it to be.

I couldn't find any relevant how-to guides online either, so thought this 

Labels (2)
0 Karma
Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!