Splunk Search

Is there a way to list all the available REST endpoints via search query ?

splunker12er
Motivator

When I search for :

| rest /services/server

it lists below endpoints available for server:

https://127.0.0.1:8089/services/server/control
https://127.0.0.1:8089/services/server/info
https://127.0.0.1:8089/services/server/introspection
https://127.0.0.1:8089/services/server/logger
https://127.0.0.1:8089/services/server/roles
https://127.0.0.1:8089/services/server/settings 

but , it doesn't list the below : (i manually type "/status" to the search query to get the below endpoints)

https://127.0.0.1:8089/services/server/status/dispatch-artifacts    
https://127.0.0.1:8089/services/server/status/fishbucket
https://127.0.0.1:8089/services/server/status/limits    
https://127.0.0.1:8089/services/server/status/partitions-space

Neither I see the above endpoints in splunk docs
Is there a way that I can list all the available endpoints via splunk search ??

Version : 6.3.3

1 Solution

MuS
Legend

Hi splunker12er,

there is a list available within Splunk, call this URI http[s]://YourSplunkServerHere:[YourSplunkPortHere]/en-GB/paths
This will provide you a long list a endpoints, don't nail me down if there is one missing 😉

Hope this helps ...

cheers, MuS

View solution in original post

rsathish47
Contributor

do we have any internal logs to get server role information using search query but not using rest command?

0 Karma

MuS
Legend

Hi splunker12er,

there is a list available within Splunk, call this URI http[s]://YourSplunkServerHere:[YourSplunkPortHere]/en-GB/paths
This will provide you a long list a endpoints, don't nail me down if there is one missing 😉

Hope this helps ...

cheers, MuS

fdi01
Motivator

try like :

| rest /services/server/status| append [| rest /services/server/]

splunker12er
Motivator

No. I need an answer to list all types of endpoints available in splunk.

I mean that /services/server/ - doesn't list /status endpoint.
when I search explicitly /services/server/status it shows results.

like this I there may be as many endpoints., Is there a way to list all ?

0 Karma
Get Updates on the Splunk Community!

Demo Day: Strengthen Your SOC with Splunk Enterprise Security 8.1

Today’s threat landscape is more complex than ever. Security operation centers (SOCs) are overwhelmed with ...

Dashboards: Hiding charts while search is being executed and other uses for tokens

There are a couple of features of SimpleXML / Classic dashboards that can be used to enhance the user ...

Splunk Observability Cloud's AI Assistant in Action Series: Explaining Metrics and ...

This is the fourth post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how ...