- Splunk Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- Deleting several saved searches in one call
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I am using Splunk REST API to delete saved searches in my java program. I would like to delete several saved searches in one call. Is it possible?
I tried something like:
DELETE saved/searches/{name,name1,name2}
and it did not work.
Thanks
Strive
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No , you can only delete 1 Saved Search per HTTP DELETE request to the REST endpoint
But you could easily write your own wrapper method using the Java SDK, albeit several HTTP calls will still be getting invoked in the background.
public void deleteSavedSearches(List<String>savedSearchNames){
Map<String, Object> connectionArgs = new HashMap<String, Object>();
connectionArgs.put("host", "mysplunkserver");
connectionArgs.put("username", "fred");
connectionArgs.put("password", "flintstone");
Service splunkService = Service.connect(connectionArgs);
SavedSearchCollection savedSearches = splunkService.getSavedSearches();
for(String savedSearchName:savedSearchNames)
savedSearches.remove(savedSearchName);
}
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No , you can only delete 1 Saved Search per HTTP DELETE request to the REST endpoint
But you could easily write your own wrapper method using the Java SDK, albeit several HTTP calls will still be getting invoked in the background.
public void deleteSavedSearches(List<String>savedSearchNames){
Map<String, Object> connectionArgs = new HashMap<String, Object>();
connectionArgs.put("host", "mysplunkserver");
connectionArgs.put("username", "fred");
connectionArgs.put("password", "flintstone");
Service splunkService = Service.connect(connectionArgs);
SavedSearchCollection savedSearches = splunkService.getSavedSearches();
for(String savedSearchName:savedSearchNames)
savedSearches.remove(savedSearchName);
}
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
After we found out that it is not possible, we implemented it like how you have mentioned. Thank you Damien.
Routing logs with Splunk OTel Collector for Kubernetes
Welcome to the Splunk Community!
Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM
