Splunk Search

Is there a way to list all the available REST endpoints via search query ?

splunker12er
Motivator

When I search for :

| rest /services/server

it lists below endpoints available for server:

https://127.0.0.1:8089/services/server/control
https://127.0.0.1:8089/services/server/info
https://127.0.0.1:8089/services/server/introspection
https://127.0.0.1:8089/services/server/logger
https://127.0.0.1:8089/services/server/roles
https://127.0.0.1:8089/services/server/settings 

but , it doesn't list the below : (i manually type "/status" to the search query to get the below endpoints)

https://127.0.0.1:8089/services/server/status/dispatch-artifacts    
https://127.0.0.1:8089/services/server/status/fishbucket
https://127.0.0.1:8089/services/server/status/limits    
https://127.0.0.1:8089/services/server/status/partitions-space

Neither I see the above endpoints in splunk docs
Is there a way that I can list all the available endpoints via splunk search ??

Version : 6.3.3

1 Solution

MuS
Legend

Hi splunker12er,

there is a list available within Splunk, call this URI http[s]://YourSplunkServerHere:[YourSplunkPortHere]/en-GB/paths
This will provide you a long list a endpoints, don't nail me down if there is one missing 😉

Hope this helps ...

cheers, MuS

View solution in original post

rsathish47
Contributor

do we have any internal logs to get server role information using search query but not using rest command?

0 Karma

MuS
Legend

Hi splunker12er,

there is a list available within Splunk, call this URI http[s]://YourSplunkServerHere:[YourSplunkPortHere]/en-GB/paths
This will provide you a long list a endpoints, don't nail me down if there is one missing 😉

Hope this helps ...

cheers, MuS

fdi01
Motivator

try like :

| rest /services/server/status| append [| rest /services/server/]

splunker12er
Motivator

No. I need an answer to list all types of endpoints available in splunk.

I mean that /services/server/ - doesn't list /status endpoint.
when I search explicitly /services/server/status it shows results.

like this I there may be as many endpoints., Is there a way to list all ?

0 Karma
Get Updates on the Splunk Community!

What's New in Splunk Enterprise 9.4: Features to Power Your Digital Resilience

Hey Splunky People! We are excited to share the latest updates in Splunk Enterprise 9.4. In this release we ...

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...

SignalFlow: What? Why? How?

What is SignalFlow? Splunk Observability Cloud’s analytics engine, SignalFlow, opens up a world of in-depth ...