Using Curl to Query Splunk

Do the Search

The search will run in the background. The response contains the search ID (sid) that the next two steps use.

curl -k -u joel:"Not my real passw0rd" https://splunk-logs-api.gadgetwiz.com/services/search/jobs -d index='birdfart' -d host='host www*' -d search='search messagestoparse*' -d output_mode=json

Next, Check the Status of the Search

Just loop on this until the result shows dispatchState is true. If you pipe it into "python -m json.tool" instead, you can see the entire output.

curl -s -k -u joel:"Not my real passw0rd" https://splunk-logs-api.gadgetwiz.com/services/search/jobs/1582732743.905828_49A6DDCD-9B76-40F3-AD33-C2872EA0B016  | grep dispatchState

Finally, Retrieve Your Results

curl -s -k -u joel:"Not my real passw0rd" https://splunk-logs-api.gadgetwiz.com/services/search/jobs/1582732743.905828_49A6DDCD-9B76-40F3-AD33-C2872EA0B016/results
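
The three steps above as one script, added here as an example and not part of the original post: it hands the password to curl on stdin (-K -) so it stays out of the process list and shell history, and it verifies the server certificate with --cacert instead of skipping verification with -k. The environment variable names and function names are assumptions; the script waits for Splunk's dispatchState value DONE and reads the rows from the job's /results endpoint.

```shell
#!/bin/sh
# Added example, not from the original post. SPLUNK_URL, SPLUNK_USER,
# SPLUNK_PASS and SPLUNK_CACERT are assumed environment variable names.

# Emit a curl config line holding the credentials. Backslashes and double
# quotes are escaped because curl interprets them inside quoted values.
splunk_curl_config() {
    esc=$(printf '%s' "$SPLUNK_PASS" | sed 's/\\/\\\\/g; s/"/\\"/g')
    printf 'user = "%s:%s"\n' "$SPLUNK_USER" "$esc"
}

# Same request as "curl -k -u user:pass", but the password reaches curl on
# stdin (-K -) instead of argv, and the server certificate is verified.
splunk_curl() {
    splunk_curl_config | curl -sS --fail --cacert "$SPLUNK_CACERT" -K - "$@"
}

# Print the first string value of JSON key $1 read from stdin.
json_str() {
    sed -n 's/.*"'"$1"'" *: *"\([^"]*\)".*/\1/p' | head -n 1
}

# Poll the job until Splunk reports it finished; give up after 60 tries.
wait_for_job() {
    tries=0
    while [ "$tries" -lt 60 ]; do
        state=$(splunk_curl "$SPLUNK_URL/services/search/jobs/$1?output_mode=json" | json_str dispatchState)
        case "$state" in
            DONE) return 0 ;;
            FAILED|"") echo "job $1: state '${state:-unknown}'" >&2; return 1 ;;
        esac
        tries=$((tries + 1)); sleep 2
    done
    echo "job $1: timed out" >&2; return 1
}

# Create the job, wait for it, then print the results as JSON.
run_search() {
    sid=$(splunk_curl "$SPLUNK_URL/services/search/jobs" \
        --data-urlencode "search=$1" -d output_mode=json | json_str sid)
    [ -n "$sid" ] || { echo "no sid returned" >&2; return 1; }
    wait_for_job "$sid" || return 1
    splunk_curl "$SPLUNK_URL/services/search/jobs/$sid/results?output_mode=json"
}

# Stand-alone use: ./script.sh 'search messagestoparse*'
if [ "$#" -gt 0 ]; then run_search "$1"; fi
```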
