App has moved (URL) 😉 I'm wondering if there's an equivalent of all the curl solutions in a search query format - not from the CLI but the UI, as I have more or less the same question as topicstarter.
On my webinterface of the heavy forwarder, I'd like to run a (remote) saved search on the search head, to check for the license usage and if >99% stop the heavy forwarding mechanism. This works fine on my testing environment with a single instance machine performing all splunk functionalities on 1 machine.
I can run a CLI sh file connecting and executing the search, but a security issue is I have to plain text include admin:password in the file as every splunk server has its own credentials. Also, on the production environment I don't want to create scripts on the commandline; the general idea is to keep all in the UI and saved searches and prevent prompt access to files.
So in brief: does something like "| rest endpoint=searchheaduriorname:8089 | search /services/somequeryremotely" exist, or is it intentionally or not made available with REST?
... View more