Splunk REST API (4/8/2023)

Once completed, I conducted tests by also running the searches via the REST API, so I have documented that method as well. I wanted to implement the gathering of results with a cron-scheduled bash script, so I decided to write the script with the scheduled search method.

Use the Splunk REST API to manage KV Store collections and data in Splunk Cloud Platform or Splunk Enterprise. You can create, read, update, delete, and manage KV Store data and collections using the Splunk REST API.

We can run the search on a schedule and then pull the results right away, or we can pull the results of a scheduled saved search. We can accomplish my goal one of two ways. The local Splunk instance is running on IP address 192.168.0.70 with the default REST interface running HTTPS on TCP 8089. This data is already indexed on my local Splunk instance, so all I have to do is search for it.

One of the things I wanted to display was the count of accepted and blocked connections through my firewall. To use the REST Modular Input, first go to Splunkbase and download the latest release. I don't think they had a good proof of concept that showed a fully working use case; however, their documentation on all the available features is quite in-depth: How to get data from REST APIs into Splunk.

I was able to complete this task utilizing the documentation that Splunk has provided for searching via the REST API. Therefore, I wanted a way to display all of the data with the console. Finagle and Jersey provide the RPC and REST APIs, and the services are built as Docker containers and hosted in Amazon AWS. This display board would be simple enough to just present a number of Splunk dashboards on the display, while avoiding running a window environment, web browser, and all of the associated overhead on my relatively weak Pi Zero W. Software Engineer across several Splunk products.

The majority of the Splunk Enterprise SDK for Java API follows a convention of exposing resources as collections of entities, where an entity is a resource that has properties, actions, and metadata that describes the entity. As a way to justify essentially useless equipment around my house, I wanted to make a Raspberry Pi driven display board. The Splunk REST API consists of over 160 endpoints that provide access to almost every feature of Splunk.