Splunk Enterprise

How to check few parameters for every dashboard, report, and alert which is mentioned in the below screenshot?

sanket4147
Loves-to-Learn Lots

Hi All,

 

We have now fine tuning our environment  for that purpose we need your favor. We want to check few parameters for every dashboard ,report and alert which is mentioned in the below screenshot .

We request you ,could you provide the query which gives this required output as mentioned in the below.

 

required output.png

 

Labels (1)
Tags (1)
0 Karma

ITWhisperer
SplunkTrust
SplunkTrust

Start with the data you get from ReST services e.g.

| rest splunk_server=local /servicesNS/-/-/saved/searches
0 Karma

sanket4147
Loves-to-Learn Lots

@ITWhisperer  no it is not working please understnad my question and help me for the same i want simple query which gives me required output which i share in the previous screenshot 

0 Karma

ITWhisperer
SplunkTrust
SplunkTrust

Have a look at the returned fields and decide which ones you want or at least have the information in that you are after

0 Karma

sanket4147
Loves-to-Learn Lots

@ITWhisperer  yes i have alreadyc check with your query but it is not expected result which i want .i just want simple query which give me result for all configured report deatil infromation .required output.png

0 Karma

ITWhisperer
SplunkTrust
SplunkTrust

There is no such thing as a simple query for this - you will have to do some work!

sanket4147
Loves-to-Learn Lots

@ITWhisperer  yes i am agree with you if you can help me for this then i will expand this query 

0 Karma

richgalloway
SplunkTrust
SplunkTrust

We have already helped you.  Now it is time for you to put in some effort.  Use what you learned from the free training (https://www.splunk.com/en_us/training.html?301=%2Ftraining&filters=filterGroup1FreeCourses) to make the results into what you desire.

---
If this reply helps you, Karma would be appreciated.
0 Karma

richgalloway
SplunkTrust
SplunkTrust

There are separate rest commands to get information about searches/alerts and dashboards (views).  Start with 

| rest /services/saved/searches splunk_server=local
| append [ | rest services/data/ui/views ]
---
If this reply helps you, Karma would be appreciated.
0 Karma

sanket4147
Loves-to-Learn Lots

@richgalloway  no this is not working which i expected i want query which give me result output which i mentioned in pervious screenshot 

0 Karma

richgalloway
SplunkTrust
SplunkTrust

The provided query is just a starting point.  Use your SPL skills to reduce the results to the desired fields.

---
If this reply helps you, Karma would be appreciated.

sanket4147
Loves-to-Learn Lots

@richgalloway  yes i can agree but output is not required one if you give me random query at least near about which give near about result then i will try to sort out this .

0 Karma
Get Updates on the Splunk Community!

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...

Observability Highlights | January 2023 Newsletter

 January 2023New Product Releases Splunk Network Explorer for Infrastructure MonitoringSplunk unveils Network ...