Splunk Search

What endpoint for schedule searches?

ben_leung
Builder

Using REST API to call curl command, what is the exact endpoint to hit in order to create a scheduled search with all options like expiration of alerts etc..

0 Karma
1 Solution

emechler_splunk
Splunk Employee
Splunk Employee

I believe the REST API Tutorial will be helpful here, it walks you through this exact example: http://dev.splunk.com/view/rest-api-tutorials/SP-CAAADQ6

curl  -k -u admin:changeme -d "name=web_errors" -d 'search="source%3D*web.log+status>400"' https://localhost:8089/servicesNS/admin/search/saved/searches

All of the options for the search/saved/searches endpoint can be found here (including alert.expires which defines the alert expiration time): http://docs.splunk.com/Documentation/Splunk/latest/RESTAPI/RESTsearch#saved.2Fsearches

View solution in original post

emechler_splunk
Splunk Employee
Splunk Employee

I believe the REST API Tutorial will be helpful here, it walks you through this exact example: http://dev.splunk.com/view/rest-api-tutorials/SP-CAAADQ6

curl  -k -u admin:changeme -d "name=web_errors" -d 'search="source%3D*web.log+status>400"' https://localhost:8089/servicesNS/admin/search/saved/searches

All of the options for the search/saved/searches endpoint can be found here (including alert.expires which defines the alert expiration time): http://docs.splunk.com/Documentation/Splunk/latest/RESTAPI/RESTsearch#saved.2Fsearches

_gkollias
Builder

Do you have to manually create the /servicesNS/... directory path, or is this created out of the box?

I can't seem to find it under /opt/splunk

Thanks!

0 Karma
Get Updates on the Splunk Community!

AppDynamics Summer Webinars

This summer, our mighty AppDynamics team is cooking up some delicious content on YouTube Live to satiate your ...

SOCin’ it to you at Splunk University

Splunk University is expanding its instructor-led learning portfolio with dedicated Security tracks at .conf25 ...

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

Organizations handling credit card transactions know that PCI DSS compliance is both critical and complex. The ...