Solved: Re: splunk URL query

DTERM · ‎05-24-2011

Is there a method for Splunk to generate a search if another application passes Splunk a URL? For this example, let’s assume I already have a user logged into Splunk to bypass the authentication requirement. Another application will generate a URL directed at the Splunk server with a search string for hostname and IP address.

So, another application will pass a URL that reads (for example) http://--/splunk?host=abc and Splunk will in turn generate a query.

If there are alternative solutions to achieve this, let me know.

TIA

bwooden · ‎05-24-2011

It is possible, yes. In your scenario, you would pass the search "* | head 10" to flashtimeline using the url param q.

http://splunk_server/app/search/flashtimeline?q=search%20*%20|%20head%2010

View solution in original post

bwooden · ‎05-24-2011

It is possible, yes. In your scenario, you would pass the search "* | head 10" to flashtimeline using the url param q.

http://splunk_server/app/search/flashtimeline?q=search%20*%20|%20head%2010

bwooden · ‎05-24-2011

That is if you intend to pass it through the client's browser which already has an authenticated session. You can authenticate through url parameters too by enabling insecure login. If you want to do this all programagically without use of client's browser, you'll want to leverage the REST API.

splunk URL query

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor