Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

What is the best way to get list of index in my splunk

ma_anand1984
Contributor
‎10-19-2012 04:45 AM

Currently i'm running this command for 2 days, it takes quite a lot of time

index=* | stats count by index

Is there a better to get list of index? Since its like a table created in splunk. it should be fairly easy to get it some other way.

Tags (2)
Reply
1 Solution
Solved! Jump to solution
Solution

ma_anand1984
Contributor
‎10-19-2012 05:00 AM

refer: http://splunk-base.splunk.com/answers/39370/is-it-possibl-to-get-a-list-of-available-indices




| eventcount summarize=false index=* index=_* | dedup index | fields index

View solution in original post

Reply
Solved! Jump to solution

jcorcoran508
Path Finder
‎04-14-2020 06:58 AM

This spl strings worked on instance. Thank you for sharing
index=* | stats count by index
| rest /services/data/indexes
| eventcount summarize=false index=* index=_* | dedup index | fields index

0 Karma
Reply
Solved! Jump to solution

tompai
New Member
‎03-05-2020 04:13 AM

Settings -> Indexes ?

0 Karma
Reply
Solved! Jump to solution
Solution

ma_anand1984
Contributor
‎10-19-2012 05:00 AM

refer: http://splunk-base.splunk.com/answers/39370/is-it-possibl-to-get-a-list-of-available-indices




| eventcount summarize=false index=* index=_* | dedup index | fields index

Reply
Solved! Jump to solution

Ayn
Legend
‎10-19-2012 04:50 AM

You can get all kinds of info about your indexes by hitting the REST endpoint data/indexes:

| rest /services/data/indexes
Reply
Solved! Jump to solution

sloshburch
Splunk Employee
Splunk Employee
‎02-11-2013 11:13 AM

Thank you for the rest command! I hadn't thought of that and that contains so much of the data I've been looking for.

Reply
Solved! Jump to solution

DUThibault
Contributor
‎11-23-2017 08:39 AM

How do you use this in, say, a custom app's input panel? If I try running the 'rest /services/data/indexes' search, I get "No results found", even with the time set to "All time". Like for mendesjo, 'eventcount' reports "No results found".

0 Karma
Reply
Solved! Jump to solution

mendesjo
Path Finder
‎09-02-2015 02:41 PM

| eventcount summarize=false index= index=_ | dedup index | fields index

doesn't work I get "no results found"

0 Karma
Reply
Solved! Jump to solution

ma_anand1984
Contributor
‎10-19-2012 04:59 AM

Thanks ayn for the quick reply. I was looking for the answer mentioned in
http://splunk-base.splunk.com/answers/39370/is-it-possibl-to-get-a-list-of-available-indices
I should have checked it before posting this question

0 Karma
Reply
Get Updates on the Splunk Community!

Observability | How to Think About Instrumentation Overhead (White Paper)

Novice observability practitioners are often overly obsessed with performance. They might approach ...

Cloud Platform | Get Resiliency in the Cloud Event (Register Now!)

IDC Report: Enterprises Gain Higher Efficiency and Resiliency With Migration to Cloud  Today many enterprises ...

The Great Resilience Quest: 10th Leaderboard Update

The tenth leaderboard update (11.23-12.05) for The Great Resilience Quest is out >> As our brave ...