×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
whiterd434
Explorer
Member since: ‎09-20-2018
‎06-05-2020
Community Statistics
Posts 4
Solutions 0
Karma Given 5
Karma Received 1
Member Since ‎09-20-2018
Activity Feed
View All

Re: Where can I find documentation on how to updat...

by in Getting Data In
‎09-21-2018 07:15 AM
1 Karma
‎09-21-2018 07:15 AM
1 Karma
I found part of my answer. While I still cannot find specific documentation on creating/updating macros through the API, I found how to update the scope after the fact. payload = {'owner': 'username', 'sharing': 'app'} URL = 'root/servicesNS/username/app_name/admin/macros/macro_name/acl' Access Control List Documentation ... View more

Re: Where can I find documentation on how to updat...

by in Getting Data In
‎09-21-2018 06:12 AM
‎09-21-2018 06:12 AM
I do know where the Splunk documentation is and have already made extensive use of it to get to this point. ... View more

Re: Where can I find documentation on how to updat...

by in Getting Data In
‎09-21-2018 06:11 AM
‎09-21-2018 06:11 AM
Thank you for the response, but the links provided do not provide any information on creating/updating a macro through use of the API. I should have been more specific. I have already searched everything I can think of. The closest I have been able to come is the documentation for "saved searches", but I have been unable to figure out how to modify the app scope of a given macro. ... View more

Where can I find documentation on how to update a ...

by in Getting Data In
‎09-20-2018 01:00 PM
‎09-20-2018 01:00 PM
I have successfully used the code below to create a macro (POST using 'requests' with Python). However, I have been unable to find any documentation that states this being possible. Based on the error messages I came across, "definition" is known as a "handler" within the Splunk API. I am trying to find any other "handlers" that I can target for updating macros. The main thing I would like to accomplish now is to change the permission level of a newly created macro to the app it is inside of (since it defaults to owner only). payload = {'definition': 'query here'} URL = 'root/servicesNS/username/app_name/admin/macros/macro_name' Thank you for your time. -Randall ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma from
View All
Karma given to