Acknowledges the suppression of the alerts from a saved search and resumes alerting.
Acknowledges the suppression of the alerts from a saved search and resumes alerting.
| Name | Type | Description |
|---|---|---|
| response_timeout | Number | A timeout period for aborting a request in milisecs (0 means no timeout). |
let savedSearch = service.savedSearches().item("MySavedSearch");
let search = await savedSearch.acknowledge();
console.log("ACKNOWLEDGED");
acknowledge: function(response_timeout) {
var that = this;
let req = this.post("acknowledge", {},response_timeout).catch((err) => {
throw [err, that];
});
return req;
},Gets the count of triggered alerts for this savedSearch, defaulting to 0 when undefined.
The count of triggered alerts.
let savedSearch = service.savedSearches().item("MySavedSearch");
let alertCount = savedSearch.alertCount();
alertCount: function() {
return parseInt(this.properties().triggered_alert_count, 10) || 0;
},Dispatches a saved search, which creates a search job and returns a splunkjs.Service.Job instance in the response array.
| Name | Type | Description |
|---|---|---|
| options | Object | The options for dispatching this saved search: |
| response_timeout | Number | A timeout period for aborting a request in milisecs (0 means no timeout). |
let savedSearch = service.savedSearches().item("MySavedSearch");
let [job, savedSearch] = await savedSearch.dispatch({force_dispatch: false});
console.log("Job SID: ", job.sid);
dispatch: function(options, response_timeout) {
if (!response_timeout && utils.isNumber(options)) {
response_timeout = options;
options = {};
}
options = options || {};
var that = this;
let req = this.post("dispatch", options, response_timeout).then((response) => {
let sid = response.data.sid;
let job = new root.Job(that.service, sid, that.namespace);
return [job, that];
});
return req;
},Gets the splunkjs.Service.FiredAlertGroup for firedAlerts associated with this saved search.
An AlertGroup object with the
same name as this SavedSearch object.
let alerts = service.firedAlertGroups().item("MySavedSearch");
firedAlertGroup: function() {
return new root.FiredAlertGroup(this.service, this.name);
},Retrieves the job history for a saved search, which is a list of splunkjs.Service.Job instances.
| Name | Type | Description |
|---|---|---|
| options | Object | Options for retrieving history. For a full list, see the Pagination and Filtering options in the REST API documentation. |
| response_timeout | Number | A timeout period for aborting a request in milisecs (0 means no timeout). |
let savedSearch = service.savedSearches().item("MySavedSearch");
let [jobs, search] = await savedSearch.history({count: 10});
for(let i = 0; i < jobs.length; i++) {
console.log("Job", i, ":", jobs[i].sid);
}
history: function(options, response_timeout) {
if (!response_timeout && utils.isNumber(options)) {
response_timeout = options;
options = {};
}
options = options || {};
var that = this;
return this.get("history", options, response_timeout).then((response) => {
let jobs = [];
let data = response.data.entry || [];
for(let i = 0; i < data.length; i++) {
let jobData = response.data.entry[i];
let namespace = utils.namespaceFromProperties(jobData);
let job = new root.Job(that.service, jobData.name, namespace);
job._load(jobData);
jobs.push(job);
}
return [jobs, that];
});
},Constructor for splunkjs.Service.SavedSearch.
| Name | Type | Description |
|---|---|---|
| service | splunkjs.Service | A |
| name | String | The name for the new saved search. |
| namespace | Object | Namespace information: |
A new splunkjs.Service.SavedSearch instance.
init: function(service, name, namespace) {
this.name = name;
this._super(service, this.path(), namespace);
this.acknowledge = utils.bind(this, this.acknowledge);
this.dispatch = utils.bind(this, this.dispatch);
this.history = utils.bind(this, this.history);
this.suppressInfo = utils.bind(this, this.suppressInfo);
},Retrieves the REST endpoint path for this resource (with no namespace).
path: function() {
return Paths.savedSearches + "/" + encodeURIComponent(this.name);
},Retrieves the suppression state of a saved search.
| Name | Type | Description |
|---|---|---|
| response_timeout | Number | A timeout period for aborting a request in milisecs (0 means no timeout). |
let savedSearch = service.savedSearches().item("MySavedSearch");
let [suppressionState, search] = await savedSearch.history();
console.log("STATE: ", suppressionState);
suppressInfo: function(response_timeout) {
var that = this;
return this.get("suppress", {}, response_timeout).then((response) => {
return [response.data.entry.content, that];
});
},Updates the saved search on the server.
Note: The search query is required, even when it isn't being modified. If you don't provide it, this method will fetch the search string from the server or from the local cache.
| Name | Type | Description |
|---|---|---|
| props | Object | The properties to update the saved search with. For a list of available parameters, see Saved search parameters on Splunk Developer Portal. |
| response_timeout | Number | A timeout period for aborting a request in milisecs (0 means no timeout). |
update: function(params, response_timeout) {
if (utils.isNumber(params) && !response_timeout) {
response_timeout = params;
params = {};
}
params = params || {};
if (!params.search) {
let update = this._super;
let req = this.fetch({}, response_timeout).then((search) => {
params.search = search.properties().search;
return update.call(search, params, response_timeout);
});
return req;
}
else {
return this._super(params, response_timeout);
}
}
});Loads the entity and stores the properties.
| Name | Type | Description |
|---|---|---|
| properties | Object | The properties for this entity. |
_load: function(properties) {
properties = utils.isArray(properties) ? properties[0] : properties;
// Initialize the properties to
// empty values
properties = properties || {
content: {},
fields: {},
acl: {},
links: {}
};
this._super(properties);
// Take out the entity-specific content
this._properties = properties.content || {};
this._fields = properties.fields || this._fields || {};
this._acl = properties.acl || {};
this._links = properties.links || {};
this._author = properties.author || null;
this._updated = properties.updated || null;
this._published = properties.published || null;
},Retrieves the access control list (ACL) information for this entity, which contains the permissions for accessing the entity.
The ACL.
acl: function() {
return this._acl;
},Update the access control list (ACL) information for this entity, which contains the permissions for accessing the entity.
| Name | Type | Description |
|---|---|---|
| options | Object | Additional entity-specific arguments (required): |
| response_timeout | Number | A timeout period for aborting a request in milisecs (0 means no timeout). |
let savedSearches = svc.savedSearches({ owner: "owner-name", app: "app-name"});
let search = await searches.create({ search: "search * | head 1", name: "acl_test" });
search = await search.acl_update({sharing:"app",owner:"admin","perms.read":"admin"});
acl_update: function(options, response_timeout) {
if(!options.hasOwnProperty("sharing")) {
throw new Error("Required argument 'sharing' is missing.");
}
if(!options.hasOwnProperty("owner")) {
throw new Error("Required argument 'owner' is missing.");
}
return this.post("acl", options, response_timeout).then((res)=>{
return this.fetch({});
});
},Retrieves the author information for this entity.
The author.
author: function() {
return this._author;
},Create the URL for the get and post methods This is to allow v1 fallback if the service was instantiated with v2+ and a relpath v1 was provided
| Name | Type | Description |
|---|---|---|
| qualifiedPath | String | A fully-qualified relative endpoint path (for example, "/services/search/jobs"). |
| relpath | String | A relative path to append to the endpoint path. |
// Parameters
v2 example:
qualifiedPath = "/servicesNS/admin/foo/search/v2/jobs/id5_1649796951725"
qualifiedPath = "/services/search/v2/jobs/id5_1649796951725"
relpath = "search/v2/jobs/id5_1649796951725/events"
relpath = "events"
// Step 1:
Specifically for splunkjs.Service.Job method, the service endpoint may be provided
Retrieve the service prefix and suffix
servicesNS:
- servicePrefix = "/servicesNS/admin/foo"
- serviceSuffix = "foo/v2/jobs/id5_1649796951725"
services:
- servicePrefix = "/services"
- serviceSuffix = "search/v2/jobs/id5_1649796951725"
// Step 2:
Retrieve Service API version
If version can't be detected, default to 1 (v1)
qualifiedPathVersion = 2
// Step 3:
Retrieve relpath version
If version can't be detected, default to 1 (v1)
relpath = "search/v2/jobs/id5_1649796951725/events"
=> relPathVersion = 2
Check if relpath is a one segment relative path, if so, set to -1
relpath = "events"
=> relPathVersion = -1
// Step 4:
Create the URL based on set criteria
url = "/servicesNS/admin/foo/search/v2/jobs/id5_1649796951725/events"
url = "/services/search/v2/jobs/id5_1649796951725/events"
createUrl: function (qualifiedPath, relpath) {
var url = qualifiedPath,
servicePrefix = qualifiedPath.replace(/(\/services|\/servicesNS\/[^/]+\/[^/]+)\/(.*)/, "$1"),
serviceSuffix = qualifiedPath.replace(/(\/services|\/servicesNS\/[^/]+\/[^/]+)\/(.*)/, "$2"),
qualifiedPathVersionMatch = qualifiedPath.match(/\/(?:servicesNS\/[^/]+\/[^/]+|services)\/[^/]+\/v(\d+)\//),
qualifiedPathVersionMatch = qualifiedPathVersionMatch ? qualifiedPathVersionMatch.length : 0,
qualifiedPathVersion = qualifiedPathVersionMatch || 1,
relPathVersionMatch = relpath.match(/^[^/]+\/v(\d+)\//),
relPathVersionMatch = relPathVersionMatch ? relPathVersionMatch.length : 0,
relPathVersion = relPathVersionMatch || 1;
if (relpath.indexOf('/') == -1) {
relPathVersion = -1;
}Performs a relative DELETE request on an endpoint's path, combined with the parameters and a relative path if specified.
| Name | Type | Description |
|---|---|---|
| relpath | String | A relative path to append to the endpoint path. |
| params | Object | A dictionary of entity-specific parameters to add to the query string. |
| response_timeout | Number | A timeout period for aborting a request in milisecs (0 means no timeout). |
// Will make a request to {service.prefix}/search/jobs/123456
let endpoint = new splunkjs.Service.Endpoint(service, "search/jobs/12345");
let res = await endpoint.delete("", {});
console.log("DELETED");
del: function(relpath, params, response_timeout) {
let url = this.qualifiedPath;
// If we have a relative path, we will append it with a preceding
// slash.
if (relpath) {
url = url + "/" + relpath;
}
return this.service.del(
url,
params,
response_timeout
);
}
});Disables the entity on the server.
| Name | Type | Description |
|---|---|---|
| response_timeout | Number | A timeout period for aborting a request in milisecs (0 means no timeout). |
disable: function(response_timeout) {
var that = this;
return this.post("disable", {}, response_timeout).then((response) => {
return that;
});;
},Enables the entity on the server.
| Name | Type | Description |
|---|---|---|
| response_timeout | Number | A timeout period for aborting a request in milisecs (0 means no timeout). |
enable: function(response_timeout) {
var that = this;
return this.post("enable", {}, response_timeout).then((response)=>{
return that;
});
},Refreshes the entity by fetching the object from the server and loading it.
| Name | Type | Description |
|---|---|---|
| options | Object | An optional dictionary of collection filtering and pagination options: |
| response_timeout | Number | A timeout period for aborting a request in milisecs (0 means no timeout). |
fetch: function(options, response_timeout) {
if (utils.isNumber(options) && !response_timeout) {
response_timeout = options;
options = {};
}
options = options || {};
var that = this;
return this.get("", options, response_timeout).then((res) => {
that._load(res.data ? res.data.entry : null);
return that;
});
},A static property that indicates whether to call fetch after an update to get the updated entity. By default, the entity is not fetched because the endpoint returns (echoes) the updated entity.
fetchOnUpdate: false,Retrieves the fields information for this entity, indicating which fields are wildcards, required, and optional.
The fields information.
fields: function() {
return this._fields;
},Performs a relative GET request on an endpoint's path, combined with the parameters and a relative path if specified.
| Name | Type | Description |
|---|---|---|
| relpath | String | A relative path to append to the endpoint path. |
| params | Object | A dictionary of entity-specific parameters to add to the query string. |
| response_timeout | Number | A timeout period for aborting a request in milisecs (0 means no timeout). |
// Will make a request to {service.prefix}/search/jobs/123456/results?offset=1
let endpoint = new splunkjs.Service.Endpoint(service, "search/jobs/12345");
let res = await endpoint.get("results", {offset: 1});
console.log("DONE");
get: function(relpath, params, response_timeout, isAsync) {
let url = this.createUrl(this.qualifiedPath, relpath);
return this.service.get(
url,
params,
response_timeout,
isAsync
);
},Retrieves the links information for this entity, which is the URI of the entity relative to the management port of a Splunk instance.
The links information.
links: function() {
return this._links;
},Performs a relative POST request on an endpoint's path, combined with the parameters and a relative path if specified.
| Name | Type | Description |
|---|---|---|
| relpath | String | A relative path to append to the endpoint path. |
| params | Object | A dictionary of entity-specific parameters to add to the body. |
| response_timeout | Number | A timeout period for aborting a request in milisecs (0 means no timeout). |
// Will make a request to {service.prefix}/search/jobs/123456/control
let endpoint = new splunkjs.Service.Endpoint(service, "search/jobs/12345");
let res = await endpoint.post("control", {action: "cancel"});
console.log("CANCELLED");
post: function(relpath, params, response_timeout) {
let url = this.createUrl(this.qualifiedPath, relpath);
return this.service.post(
url,
params,
response_timeout
);
},Retrieves the current properties for this resource.
The properties.
properties: function() {
return this._properties;
},Retrieves the published time for this entity.
The published time.
published: function() {
return this._published;
},Reloads the entity on the server.
| Name | Type | Description |
|---|---|---|
| response_timeout | Number | A timeout period for aborting a request in milisecs (0 means no timeout). |
reload: function(response_timeout) {
var that = this;
return this.post("_reload", {}, response_timeout)
.then((res) => {
return that;
});
}
});Deletes the entity from the server.
| Name | Type | Description |
|---|---|---|
| response_timeout | Number | A timeout period for aborting a request in milisecs (0 means no timeout). |
remove: function(response_timeout) {
return this.del("", {}, response_timeout);
},Retrieves the current full state (properties and metadata) of this resource.
The current full state of this resource.
state: function() {
return this._state;
}
});Retrieves the updated time for this entity.
The updated time.
updated: function() {
return this._updated;
},