Splunk REST API reference for Splunk Asset and Risk Intelligence
Splunk Asset and Risk Intelligence uses Splunk REST API endpoints within the application to perform operations that include accessing, creating, updating, and deleting resources.
See the following table for a list of REST API endpoints used by Splunk Asset and Risk Intelligence, their descriptions, and the operations they can perform.
Link to the Splunk Enterprise REST API endpoint | Description | Operations |
---|---|---|
Props | Access, create, update, and delete calculated fields, field extractions, field aliases, lookups, and sourcetypes in props.conf. | GET, POST, DELETE |
Transforms | Access, create, update, and delete field extractions, lookup definitions, and automatic lookups in transforms.conf. | GET, POST, DELETE |
Macros | Access, create, update, and delete tags in tags.conf. | GET, POST, DELETE |
Eventtypes | Access, create, update, and delete event types in eventtypes.conf. | GET, POST, DELETE |
Tags | Access, create, update, and delete tags and event type tags in tags.conf. | GET, POST, DELETE |
Collections | Access, create, update, and delete tags in collections.conf. | GET, POST, DELETE |
Saved Searches | Access, create, update, and delete saved searches and alerts in savedsearches.conf. | GET, POST, DELETE |
Dashboards | Access, create, update, and delete dashboards and dashboard XML code. | GET, POST, DELETE |
Navigation | Access, create, update, and delete navigations in default.xml. | GET, POST, DELETE |
Integrate ServiceNow data with Splunk Asset and Risk Intelligence data | Troubleshoot Splunk Asset and Risk Intelligence |
This documentation applies to the following versions of Splunk® Asset and Risk Intelligence: 1.0.0, 1.0.1, 1.0.2
Feedback submitted, thanks!