Splunk REST API request in JSON format

Splunk Search

Ask a Question

Hello all,

is it possible to call Splunk RestAPI with request in JSON.

I am trying in SOAP UI software, media Type = application/json

And when request is inputed as string:
search=search index=myindex |head 5

I get valid response

But when I try request in json format
{"search": "search index=myindex |head 5"}

I get response:
{"messages": [{
"type": "FATAL",
"text": "Empty search."
}]}

Tried also following requests:
{"search": "index=myindex |head 5"}
{"search": search index=myindex |head 5}
{"body": {"search": "search index=myindex |head 5"}}

Thanks

Splunk REST API request in JSON format

other

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.

Learn More or Register Now >

Splunk REST API request in JSON format

other

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20. Learn More or Register Now >

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.

Learn More or Register Now >