Solved: Get App Name/Folder Name using Search

askkawalkar · ‎08-04-2020

Hi All,

I am stuck at a scenario where if user using search in a specific app, then that app folders name should be shown as a filed.

Is there any way to get current app name using REST or METADATA or any other command ?

Thanks.

thambisetty · ‎08-04-2020

index=_internal
| stats count
| appendcols
[| rest /services/search/jobs splunk_server=local
| addinfo
| where sid = info_sid
| rename eai:acl.app as app_name
| fields + app_name]

upvote if this resolves your issue.

————————————
If this helps, give a like below.

View solution in original post

thambisetty · ‎08-04-2020

index=_internal
| stats count
| appendcols
[| rest /services/search/jobs splunk_server=local
| addinfo
| where sid = info_sid
| rename eai:acl.app as app_name
| fields + app_name]

upvote if this resolves your issue.

————————————
If this helps, give a like below.

Get App Name/Folder Name using Search

fields

metadata

search job inspector

Observe and Secure All Apps with Splunk

Splunk Decoded: Business Transactions vs Business IQ

Fastest way to demo Observability

Are you a member of the Splunk Community?