Splunk Cloud Platform
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

can you create searches using the REST API in splunk cloud

adeyoyeniyi
New Member
‎08-29-2024 02:32 PM

can you create searches using the REST API in splunk cloud

Labels (1)
Labels
0 Karma
Reply

akapa
Engager
‎09-18-2024 10:23 AM

Yes, you can create searches using the REST API in Splunk Cloud. Here are the basic steps:

  1. Get a Session Key: Authenticate with Splunk to get a session key.
  2. Create a Search Job: Use the /services/search/jobs endpoint to create a search job. You’ll need to send a POST request with your search query in the body.
  3. Check Search Status: Use the search ID (sid) returned from the previous step to check the status of your search job.

Here’s a simple example using curl:

curl -k -u username:password https://<splunk-cloud-url>/services/search/jobs -d search="search index=_internal | head 10"

This command will create a search job that retrieves the first 10 events from the _internal index.

 
 
0 Karma
Reply

KendallW
Contributor
‎09-01-2024 08:44 PM

Yes - see example here: https://docs.splunk.com/Documentation/SplunkCloud/latest/RESTTUT/RESTsearches#Example:_Create_a_sear... 

0 Karma
Reply
Get Updates on the Splunk Community!

New Case Study Shows the Value of Partnering with Splunk Academic Alliance

The University of Nevada, Las Vegas (UNLV) is another premier research institution helping to shape the next ...

How to Monitor Google Kubernetes Engine (GKE)

We’ve looked at how to integrate Kubernetes environments with Splunk Observability Cloud, but what about ...

Index This | How can you make 45 using only 4?

October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...