I know this question has been asked a few times but none of the answers seem to work for me.
I have a saved search called usernameSearch and want to execute it synchronously using Splunk's REST AP...
Is there any way how I can get JSON raw data from Splunk for a given query?
Consider the following timechart query:
index=* earliest=<from_time> latest=<to_time> | timechart span=...