XML and CLI based web services
Base API Structure and Background at
http://docs.splunk.com/Documentation/Splunk/latest/RESTAPI/RESTcontents
Current Version: 1.0.0.6
Required Version of CPO: 2.3.5
Release date: 05-02-2013
NOTE: This pack requires the automation functions tool pack listed below. It is a community tap so you can use at will but there is no support for it. If you have questions, email me @ shaurobe@cisco.com
You can find information on the Automation Functions Tool pack @
https://supportforums.cisco.com/docs/DOC-30485
Function List
ChangeJobStatus - Controls the status of a search job
Inputs:
Input.Job.Status - what job status to put search job in (cancel, etc)
Input.SearchId - search id of the search job to control
Returns:
Output.Results.XML - XML output of the webcall.
CreateMonitor - Creates a monitor for a file or directory
Inputs:
Input.File.Or.Directory.To.Monitor - input file or directory to setup monitor on
Returns:
Output.XML - XML output of the webcall.
CreateSearchJob - Creates a new search job
Inputs:
Input.Max.Count - max count to return to search
Input.Search.Id - search ID to be defined if you do not want a system generated search id
Input.Search.String - search string for splunk - function will escape chracters for you
Returns:
Output.Search.Id - search id that is produced from this web call
CreateSearchJobWithTimeBounds - Creates a new search job with time bounded searching
Inputs:
Input.Max.Count - max count to return to search
Input.Search.Id - search ID to be defined if you do not want a system generated search id
Input.Search.String - search string for splunk - function will escape chracters for you
Input.Earliest.Time - beginning time bound for your search
Input.Latest.Time - ending time bound for your search
Input.Search.TimeOut - how long to keep the search in splunk
Returns:
Output.Search.Id - search id that is produced from this web call
DeleteMonitor - Delete a monitor
Inputs:
Input.Monitor.Name - name of monitor to delete
Returns:
Output.Xml - xml output of webcall
DeleteSavedSearch - deletes a saved search
Inputs:
Input.Saved.Search.Name - name of search to delete
Returns:
Output.XML - XML output of the webcall.
DeleteSearchJob - deletes a search job
Inputs:
Input.Search.Id - search ID to be deleted
Returns:
Output.XML - XML output of the webcall.
GetAllSearches - Returns all searches in system
Inputs:
Input.Max.Count - max amount of results to return
Input.Search - search string to find searches
Returns:
Output.XML - XML output of the webcall.
Output.Search.Count - total amount of searches returned
GetAndSetAuthToken - logs into splunk for further web calls
Inputs:
None (note: You have to configure the username and password on the extended target properties of the splunk web target)
Returns:
None (note: session key and authorization headers are stored in the extended target properties of the splunk web target)
GetDataInputMonitors - searches for data monitors
Inputs:
Input.Max.Count - max amount of monitors to return
Input.Search - search to run for monitors
Returns:
Output.XML - XML output of the webcall.
Output.Search.Count - total amount of monitors returned
GetIndexByName - returns a single index
Inputs:
Input.Index.Name - name of index to get
Returns:
Output.XML - XML output of the webcall.
GetIndexes - searches for multiple indexes
Inputs:
Input.Max.Count - max amount of indexes to return
Input.Search - search criteria when looking for indexesI
Outputs:
Output.XML - XML output of the webcall.
Output.Search.Count - total count of indexes returned
GetMonitorByName - returns one monitor by name
Inputs:
Input.Name - name of monitor to get, this is escaped by function
Input.Return.Members - True to return members of monitor, false to not
Outputs:
Output.Monitor.Results.XML - XML output of the webcall.
Output.Monitor.Member.Results.XML - xml of the members if requested
GetSearchById - returns a single search via ID
Inputs:
Input.SearchId - search ID to return
Outputs:
Output.XML - XML output of the webcall.
GetSearchIDResults - returns results of a search
Inputs:
Input.SearchID - search id to return results of
Outputs:
Output.XML - XML output of the webcall.
GetSearchIDSearchLog - returns log of a search
Inputs:
Input.SearchID - search id to return results of
Outputs:
Output.XML - XML output of the webcall.
GetSearchIDSearchSummary - returns summary of a search
Inputs:
Input.SearchID - search id to return results of
Outputs:
Output.XML - XML output of the webcall.