Join the Conversation
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- Convert Splunk results from spl to JSON before 8.2
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello everybody,
I'm using an spl query that extracts some values from a lookup and sends them to a web API via POST request (for this i'm using the WebTools add-on).
To send data formatted as reported in the api swagger, I'm using the Splunk command "tojson" to convert Spl query results to Json in my test instance.
Since the tojson command is really new (props to Splunk for adding this!) and was introduced from 8.2, is there a way to do the same in previous Splunk versions?
Splunk Query: |inputlookup l2d.csv |eventstats values(tp) as id | table id,code | tojson <...curl using raw field from tojson>
Json format expected and produced with tojson command: {"id":["id1","id2"],"code":"00001"}
Thank you for the attention, have a nice day,
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @D0do ,
I believe this is what you're looking for:
https://community.splunk.com/t5/Getting-Data-In/How-to-convert-an-event-INTO-JSON/m-p/288299
Thanks,
S
***If this helped, please accept it as a solution. It helps others to find the solution for similar issues quickly.***
Shiv
###If you found the answer helpful, kindly consider upvoting/accepting it as the answer as it helps other Splunkers find the solutions to similar issues###
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks @shivanshu1593, much appreciated
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @D0do ,
I believe this is what you're looking for:
https://community.splunk.com/t5/Getting-Data-In/How-to-convert-an-event-INTO-JSON/m-p/288299
Thanks,
S
***If this helped, please accept it as a solution. It helps others to find the solution for similar issues quickly.***
Shiv
###If you found the answer helpful, kindly consider upvoting/accepting it as the answer as it helps other Splunkers find the solutions to similar issues###
Splunk Search APIを使えば調査過程が残せます
Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...
Congratulations to the 2025-2026 SplunkTrust!
