Splunk Search
Highlighted

Javascript SDK (Nodejs) How should I write my search string to search based on host?

Engager

Hi All,

I have Splunk running on my machine. I am using Nodejs (Javascript sdk) to search a query. I am using oneshotSearch to get all the results I want.

Through the web interface, I can run a very simple query host=V-MacBook-Pro.local and this returns me results. I want to search based on host=, because in the real dev environment, I might have logs aggregated and I need to filter out based on host.

This query does not run in my code.
In my code var searchQuery = "_host=V-MacBook-Pro.local" throws up:

[SPLUNKD] Error in 'SearchParser': Missing a search command before '_'. Error at position '0' of search query '_host=V-MacBook-Pro.local'.
Error with "host=V-MacBook-Pro.local" and no result with "search _host=V-MacBook-Pro.local". 

How exactly should my search string be to search based on "host" ?

0 Karma
Highlighted

Re: Javascript SDK (Nodejs) How should I write my search string to search based on host?

Influencer

search host=V-MacBook-Pro.local

View solution in original post

Highlighted

Re: Javascript SDK (Nodejs) How should I write my search string to search based on host?

Engager

Ah, missed one combination and that is the answer 🙂 Thanks.