Splunk api call12/8/2023 ![]() The ‘eai’ part stands for ‘Enterprise Application Integration’, which is an industry standardized framework to enable different systems and applications across an enterprise to exchange data – basically, a universally accepted data exchange format. DELETE – delete an endpoint from the resource hierarchy.Īnother set of concepts that are key to working with many of the Splunk API endpoints is ‘ eai:acl ’, which you’ll see in the output of most Splunk API calls.POST – create a resource or update existing resource data.GET – read the current resource state, or if the endpoint represents a collection, list the members of the collection.These methods are available in Splunk API HTTP calls as: A key concept is that of ‘ CRUD ’, which is an acronym that represents the types of operations or ‘methods’ you can use with an API: Create, Read, Update, and Delete. In addition to endpoints, there are several other concepts that you should be familiar with when working with the Splunk REST API. ![]() For example, the API endpoint URL to obtain basic information about a Splunk server is: This URL will return a list of Splunk applications installed on this server: You can see from the differences in the above examples that the various API ‘endpoints’ for accessing data are simply the different URL paths to those resources. A term that is commonly associated with API discussions is ‘ endpoint ’, which is simply the URL utilized to contact a server or service and specify which information is being accessed. We’ll also provide several use cases and examples you can easily duplicate to take advantage of this powerful feature.Ī REST (Representational State Transfer) API (Application Programming Interface) is a way for computer programs to exchange information in a structured, standardized fashion. This article will explain what the Splunk REST API is all about, how it works, the key concepts you need to know to use it. It may be interesting to note that almost without exception every activity performed in Splunk Web or any Splunk command executed from a command line will result in an API call to the splunkd daemon – which gives you some idea of the coverage and power of the API endpoints. This capability can be leveraged to query, configure, and even run searches in your Splunk environment programmatically utilizing client software based on the popular programming languages C#, Java, JavaScript, or Python, and you can even run REST commands from the Splunk Web Search bar or your browser address bar. The Splunk platform REST API provides the ability to create, read, update, or delete resources across the Splunk Enterprise platform.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |