Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

is there a way to get the data in json format into the KV Store in one go using API endpoint?

super_saiyan
Communicator
‎05-11-2022 03:15 AM
is there a way to get the data in json format into the KV Store in one go  using "storage/collections/data/{collection}/" API endpoint?
 
10000 lines of events in one go ?
Labels (3)
0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎05-11-2022 03:23 AM

You can set multiple key/value pairs in one call. See the https://docs.splunk.com/Documentation/Splunk/8.2.6/RESTREF/RESTkvstore#storage.2Fcollections.2Fdata....

You're of course limited by the REST API request limits (I'm not sure how big they are).

And I'm not sure why you're refering to KV-store as "events". Events are one thing and you post them to other endpoints (like /services/collector/event), KV Store is another thing.

Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...