Solved: Re: Javascript SDK (Nodejs) How should I write my ...

blazergun · ‎04-27-2015

Hi All,

I have Splunk running on my machine. I am using Nodejs (Javascript sdk) to search a query. I am using oneshotSearch to get all the results I want.

Through the web interface, I can run a very simple query host=V-MacBook-Pro.local and this returns me results. I want to search based on host=, because in the real dev environment, I might have logs aggregated and I need to filter out based on host.

This query does not run in my code.
In my code var searchQuery = "_host=V-MacBook-Pro.local" throws up:

[SPLUNKD] Error in 'SearchParser': Missing a search command before '_'. Error at position '0' of search query '_host=V-MacBook-Pro.local'.
Error with "host=V-MacBook-Pro.local" and no result with "search _host=V-MacBook-Pro.local".

How exactly should my search string be to search based on "host" ?

masonmorales · ‎04-27-2015

search host=V-MacBook-Pro.local

View solution in original post

masonmorales · ‎04-27-2015

search host=V-MacBook-Pro.local

blazergun · ‎04-27-2015

Ah, missed one combination and that is the answer 🙂 Thanks.

Javascript SDK (Nodejs) How should I write my search string to search based on host?

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

Stay Connected: Your Guide to July Tech Talks, Office Hours, and Webinars!

Updated Data Type Articles, Anniversary Celebrations, and More on Splunk Lantern

Are you a member of the Splunk Community?

Javascript SDK (Nodejs) How should I write my search string to search based on host?

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

Stay Connected: Your Guide to July Tech Talks, Office Hours, and Webinars!

Updated Data Type Articles, Anniversary Celebrations, and More on Splunk Lantern