For more information on configuration files, see About Configuration Files and Configuration File Precedence in the Splunk Admin manual.
#Splunk enterprise rest api how to
It can be deployed on-premises or in the cloud via the Splunk Cloud Platform. This section describes how to use the Splunk Enterprise REST API to access and update information contained in configuration files (.conf files). It would be helpful for me if i get some links for it as soon as possible. Splunk Enterprise is a data platform designed to help businesses manage big data and analyze machine data.
#Splunk enterprise rest api code
I have a hard time searching in the web, but unable to find the right sort of code that works. Other endpoints support migrating the Company whitelist to a Safelist library, retrieve a Safelist library by its GUID, parse terms from a chunk of text, and get the list of summaries for the Safelist libraries for your organization.Įndpoints to search for Indicators and update tags.Įndpoints to get observables in a submission, search for observables, and remove or add tags to an observable.Įndpoints for submissions (Intelligence Sources, Events, or Indicators) that you can use to get status, search, redact text, or alter tags.Įndpoints to create, update, upsert, find, or delete Events.Įndpoints to create, update, upsert, find, or delete Indicators.Įndpoints to create, update, upsert, find, or delete Intelligence.Įndpoints that support Intel Workflow functionality. 09-03-2021 07:20 AM Hi team, I need a golang REST API code for sending the json logs to splunk enterprise. Splunk, Splunk, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. Gets a list of Enclaves that the user has permissions to access.Įndpoints to create a new Safelist library, add or delete entries, and delete a Safelist library. The API provides endpoints for these functional areas of the Splunk Intelligence Management platform:Įndpoints for Authentication (API Key and API Secret).
Some endpoints can be used for any Submission, while other endpoints are specific to one type of Submission, for example, Submission Event endpoints. Introduces the term Submission to cover Intelligence Sources, Events, and Indicators.Version 2.0 introduces some changes from previous versions of the Splunk Intelligence Management REST API: All API access is over HTTPS, and all data is transmitted securely in JSON format. The Splunk Intelligence Management REST API enables you to easily synchronize report information available in Splunk Intelligence Management with the monitoring tools and analysis workflows you use in your infrastructure.
0 kommentar(er)
