SavedSearch (splunk 1.9.1 API)

java.lang.Object
- com.splunk.Resource
- - com.splunk.Entity
  - - com.splunk.SavedSearch

All Implemented Interfaces:

Map<String,Object>
```
public class SavedSearch
extends Entity
```
The SavedSearch class represents a saved search.

Nested Class Summary
- Nested classes/interfaces inherited from interface java.util.Map
  Map.Entry<K,V>

Field Summary
- Fields inherited from class com.splunk.Entity
  content, toUpdate
- Fields inherited from class com.splunk.Resource
  actions, path, refreshArgs, service, title, updated

Method Summary

All Methods Instance Methods Concrete Methods Deprecated Methods
Modifier and Type	Method and Description
`void`	`acknowledge()` Acknowledges the suppression of alerts from this saved search and resumes alerting.
`protected String`	`actionPath(String action)` Returns the path that corresponds to the requested action.
`Job`	`dispatch()` Runs the saved search.
`Job`	`dispatch(Map args)` Runs the saved search using dispatch arguments.
`Job`	`dispatch(SavedSearchDispatchArgs args)` Runs the saved search using dispatch arguments.
`String`	`getActionEmailAuthPassword()` Returns the email password.
`String`	`getActionEmailAuthUsername()` Returns the email username.
`String`	`getActionEmailBcc()` Returns the blind carbon copy (BCC) email address.
`String`	`getActionEmailCc()` Returns the carbon copy (CC) email address.
`String`	`getActionEmailCommand()` Returns the search command (or pipeline) that runs the action.
`String`	`getActionEmailFormat()` Returns the format of text in the email.
`String`	`getActionEmailFrom()` Returns the email sender's name.
`String`	`getActionEmailHostname()` Returns the host name used in the web link (URL) that is sent in email alerts.
`boolean`	`getActionEmailInline()` Indicates whether the search results are contained in the body of the email.
`String`	`getActionEmailMailServer()` Returns the address of the MTA server that is used to send the emails.
`int`	`getActionEmailMaxResults()` Returns the maximum number of search results to send in email alerts.
`String`	`getActionEmailMaxTime()` Returns the maximum amount of time an email action takes before the action is canceled.
`String`	`getActionEmailPdfView()` Returns the name of the view to deliver if `ActionEmailSendPdf` is enabled.
`String`	`getActionEmailPreProcessResults()` Returns the search string for pre-processing results before emailing them.
`String`	`getActionEmailReportPaperOrientation()` Returns the paper orientation.
`String`	`getActionEmailReportPaperSize()` Returns the paper size for PDFs.
`boolean`	`getActionEmailReportServerEnabled()` Indicates whether the PDF server is enabled.
`String`	`getActionEmailReportServerUrl()` Returns the URL of the PDF report server, if one is set up and available on the network.
`boolean`	`getActionEmailSendPdf()` Indicates whether to create and send the results in PDF format.
`boolean`	`getActionEmailSendResults()` Indicates whether search results are attached to an email.
`String`	`getActionEmailSubject()` Returns the subject line of the email.
`String`	`getActionEmailTo()` Returns a list of email recipients.
`boolean`	`getActionEmailTrackAlert()` Indicates whether running this email action results in a trackable alert.
`String`	`getActionEmailTtl()` Returns the minimum time-to-live (ttl) of search artifacts if this email action is triggered.
`boolean`	`getActionEmailUseSsl()` Indicates whether to use secure socket layer (SSL) when communicating with the SMTP server.
`boolean`	`getActionEmailUseTls()` Indicates whether to use transport layer security (TLS) when communicating with the SMTP server.
`boolean`	`getActionEmailWidthSortColumns()` Indicates whether columns should be sorted from least wide to most wide, left to right.
`String`	`getActionPopulateLookupCommand()` Returns the search command (or pipeline) that runs the action.
`String`	`getActionPopulateLookupDest()` Returns the name of the lookup table or lookup path to populate.
`String`	`getActionPopulateLookupHostname()` Returns the host name used in the web link (URL) that is sent in populate-lookup alerts.
`int`	`getActionPopulateLookupMaxResults()` Returns the maximum number of search results to send in populate-lookup alerts.
`String`	`getActionPopulateLookupMaxTime()` Returns the maximum amount of time an alert action takes before the action is canceled.
`boolean`	`getActionPopulateLookupTrackAlert()` Indicates whether running this populate-lookup action results in a trackable alert.
`String`	`getActionPopulateLookupTtl()` Returns the minimum time-to-live (ttl) of search artifacts if this populate-lookup action is triggered.
`String`	`getActionRssCommand()` Returns the search command (or pipeline) that runs the action.
`String`	`getActionRssHostname()` Returns the host name used in the web link (URL) that is sent in RSS alerts.
`int`	`getActionRssMaxResults()` Returns the maximum number of search results to send in RSS alerts.
`String`	`getActionRssMaxTime()` Returns the maximum amount of time an RSS alert action takes before the action is canceled.
`boolean`	`getActionRssTrackAlert()` Indicates whether running this RSS action results in a trackable alert.
`String`	`getActionRssTtl()` Returns the minimum time-to-live (ttl) of search artifacts if this RSS action is triggered.
`String`	`getActionScriptCommand()` Returns the search command (or pipeline) that runs the action.
`String`	`getActionScriptFilename()` Returns the filename of the script to call.
`String`	`getActionScriptHostname()` Returns the host name used in the web link (URL) that is sent in script alerts.
`int`	`getActionScriptMaxResults()` Returns the maximum number of search results to send in script alerts.
`String`	`getActionScriptMaxTime()` Returns the maximum amount of time a script action takes before the action is canceled.
`boolean`	`getActionScriptTrackAlert()` Indicates whether running this script action results in a trackable alert.
`String`	`getActionScriptTtl()` Returns the minimum time-to-live (ttl) of search artifacts if this script action is triggered.
`String`	`getActionSummaryIndexCommand()` Returns the search command (or pipeline) that runs the action.
`String`	`getActionSummaryIndexHostname()` Returns the host name used in the web link (URL) that is sent in summary-index alerts.
`boolean`	`getActionSummaryIndexInline()` Indicates whether to run the summary indexing action as part of the scheduled search.
`int`	`getActionSummaryIndexMaxResults()` Returns the maximum number of search results to send in summary-index alerts.
`String`	`getActionSummaryIndexMaxTime()` Returns the maximum amount of time a summary action takes before the action is canceled.
`String`	`getActionSummaryIndexName()` Returns the name of the summary index where the results of the scheduled search are saved.
`boolean`	`getActionSummaryIndexTrackAlert()` Indicates whether running this summary-index action results in a trackable alert.
`String`	`getActionSummaryIndexTtl()` Returns the minimum time-to-live (ttl) of search artifacts if a summary-index action is triggered.
`String`	`getAlertComparator()` Returns the alert comparator.
`String`	`getAlertCondition()` Returns a conditional search that is evaluated against the results of the saved search.
`boolean`	`getAlertDigestMode()` Indicates whether Splunk applies the alert actions to the entire result set (digest) or to each individual search result (per result).
`String`	`getAlertExpires()` Returns the amount of time to show the alert in the dashboard.
`int`	`getAlertSeverity()` Returns the alert severity level.
`boolean`	`getAlertSuppress()` Indicates whether alert suppression is enabled for this search.
`String`	`getAlertSuppressFields()` Returns a list of fields to use for alert suppression.
`String`	`getAlertSuppressPeriod()` Returns the alert suppression period, which is only valid if `AlertSuppress` is enabled.
`String`	`getAlertThreshold()` Returns the value to compare to before triggering the alert action.
`String`	`getAlertTrack()` Returns a value that indicates how to track the actions triggered by this saved search.
`String`	`getAlertType()` Returns a value that indicates what to base the alert on.
`String`	`getCronSchedule()` Returns the cron-style schedule for running this saved search.
`String`	`getDescription()` Returns a description of this saved search.
`int`	`getDispatchBuckets()` Returns the maximum number of timeline buckets.
`String`	`getDispatchEarliestTime()` Returns the earliest time for this search.
`String`	`getDispatchLatestTime()` Returns the latest time for this search.
`boolean`	`getDispatchLookups()` Indicates whether lookups are enabled for this search.
`int`	`getDispatchMaxCount()` Returns the maximum number of results before finalizing the search.
`int`	`getDispatchMaxTime()` Returns the maximum amount of time before finalizing the search.
`boolean`	`getDispatchRealTimeBackfill()` Indicates whether to back fill the real-time window for this search.
`int`	`getDispatchReduceFrequency()` Returns how frequently Splunk runs the MapReduce reduce phase on accumulated map values.
`boolean`	`getDispatchRtBackfill()` Deprecated. Use `getDispatchRealTimeBackfill()` instead.
`boolean`	`getDispatchSpawnProcess()` Indicates whether Splunk spawns a new search process when running this saved search.
`String`	`getDispatchTimeFormat()` Returns the time format used to specify the earliest and latest times for this search.
`String`	`getDispatchTtl()` Returns the time to live (ttl) for artifacts of the scheduled search (the time before the search job expires and artifacts are still available), if no alerts are triggered.
`String`	`getDisplayView()` Returns the default view in which to load results.
`String`	`getEmbedToken()` Returns the authorization token for embedding the search.
`int`	`getMaxConcurrent()` Returns the maximum number of concurrent instances of this search the scheduler is allowed to run.
`Date`	`getNextScheduledTime()` Returns the next scheduled time.
`String`	`getQualifiedSearch()` Returns the qualified search.
`boolean`	`getRealtimeSchedule()` Indicates whether the scheduler computes the next run time of a scheduled search based on the current time or on the last search run time (for continuous scheduling).
`String`	`getRequestUiDispatchApp()` Returns the app in which Splunk Web dispatches this search.
`String`	`getRequestUiDispatchView()` Returns the view in which Splunk Web displays this search.
`boolean`	`getRestartOnSearchPeerAdd()` Indicates whether a real-time search managed by the scheduler is restarted when a search peer becomes available for this saved search.
`boolean`	`getRunOnStartup()` Indicates whether this search is run when Splunk starts.
`String`	`getSearch()` Returns the search query for this saved search.
`String`	`getVsid()` Returns the view state ID that is associated with the view specified in the `DisplayView` attribute.
`Job[]`	`history()` Returns an array of search jobs created from this saved search.
`Job[]`	`history(Map<String,Object> args)` Returns an array of search jobs based on passed search arguments
`boolean`	`isActionEmail()` Indicates whether the email action is enabled.
`boolean`	`isActionPopulateLookup()` Indicates whether the populate-lookup action is enabled.
`boolean`	`isActionRss()` Indicates whether the RSS action is enabled.
`boolean`	`isActionScript()` Indicates whether the script action is enabled.
`boolean`	`isActionSummaryIndex()` Indicates whether the summary-index action is enabled.
`boolean`	`isDigestMode()` Indicates whether Splunk applies the alert actions to the entire result set (digest) or to each individual search result (per result).
`boolean`	`isEmbedEnabled()` Indicates whether embedding is enabled for the search.
`boolean`	`isScheduled()` Indicates whether this search is run on a schedule.
`boolean`	`isVisible()` Indicates whether the search should be visible in the saved search list.
`void`	`setActionEmailAuthPassword(String password)` Sets the password to use when authenticating with the SMTP server.
`void`	`setActionEmailAuthUsername(String username)` Sets the username to use when authenticating the SMTP server.
`void`	`setActionEmailBcc(String bcc)` Sets the blind carbon copy (BCC) email address to use for email alerts.
`void`	`setActionEmailCc(String cc)` Sets the carbon copy (CC) email address to use for email alerts.
`void`	`setActionEmailCommand(String command)` Returns the search command (or pipeline) that runs the action.
`void`	`setActionEmailFormat(String format)` Sets the format of text in the email.
`void`	`setActionEmailFrom(String from)` Sets the email sender's name.
`void`	`setActionEmailHostname(String hostname)` Sets the host name used in the web link (URL) to send in email alerts.
`void`	`setActionEmailInline(boolean inline)` Sets whether the search results are contained in the body of the email.
`void`	`setActionEmailMailServer(String mailServer)` Sets the address of the MTA server that is used to send the emails.
`void`	`setActionEmailMaxResults(int maxResults)` Sets the maximum number of search results to send in email alerts.
`void`	`setActionEmailMaxTime(String maxTime)` Sets the maximum amount of time an email action takes before the action is canceled.
`void`	`setActionEmailPdfView(String name)` Sets the name of the view to deliver if `ActionEmailSendPdf` is enabled.
`void`	`setActionEmailPreProcessResults(String preprocess)` Sets the search string for pre-processing results before emailing them.
`void`	`setActionEmailReportPaperOrientation(String orientation)` Sets the paper orientation.
`void`	`setActionEmailReportPaperSize(String size)` Sets the paper size for PDFs.
`void`	`setActionEmailReportServerEnabled(boolean pdfServerEnabled)` Sets whether the PDF server is enabled.
`void`	`setActionEmailReportServerUrl(String pdfServerUrl)` Sets the URL of the PDF report server.
`void`	`setActionEmailSendPdf(boolean sendPdf)` Sets whether to create and send the results in PDF format.
`void`	`setActionEmailSendResults(boolean sendResults)` Sets whether to attach the search results to an email.
`void`	`setActionEmailSubject(String subject)` Sets the subject line of the email.
`void`	`setActionEmailTo(String to)` Sets a list of email recipients.
`void`	`setActionEmailTrackAlert(boolean trackAlert)` Sets whether running this email action results in a trackable alert.
`void`	`setActionEmailTtl(String ttl)` Sets the minimum time-to-live in seconds of the search artifacts if an email action is triggered.
`void`	`setActionEmailUseSsl(boolean useSsl)` Sets whether to use secure socket layer (SSL) when communicating with the SMTP server.
`void`	`setActionEmailUseTls(boolean useTls)` Sets whether to use transport layer security (TLS) when communicating with the SMTP server.
`void`	`setActionEmailWidthSortColumns(boolean widthSortColumns)` Sets whether columns should be sorted from least wide to most wide, left to right.
`void`	`setActionPopulateLookupCommand(String command)` Sets the search command (or pipeline) that runs the action.
`void`	`setActionPopulateLookupDest(String dest)` Sets the name of the lookup table or lookup path to populate.
`void`	`setActionPopulateLookupHostname(String hostname)` Sets the host name used in the web link (URL) to send in populate-lookup alerts.
`void`	`setActionPopulateLookupMaxResults(int maxResults)` Sets the maximum number of search results to send in populate-lookup alerts.
`void`	`setActionPopulateLookupMaxTime(String maxTime)` Sets the maximum amount of time an alert action takes before the action is canceled.
`void`	`setActionPopulateLookupTrackAlert(boolean trackAlert)` Sets whether running this populate-lookup action results in a trackable alert.
`void`	`setActionPopulateLookupTtl(String ttl)` Sets the minimum time-to-live (ttl) of the search artifacts if this populate-lookup action is triggered.
`void`	`setActionRssCommand(String command)` Sets the search command (or pipeline) that runs the action.
`void`	`setActionRssHostname(String hostname)` Sets the host name to use in the web link (URL) to send in RSS alerts.
`void`	`setActionRssMaxResults(int maxResults)` Sets the maximum number of search results to send in RSS alerts.
`void`	`setActionRssMaxTime(String maxTime)` Sets the maximum amount of time an RSS action takes before the action is canceled.
`void`	`setActionRssTrackAlert(boolean trackAlert)` Sets whether running this RSS action results in a trackable alert.
`void`	`setActionRssTtl(String ttl)` Sets the minimum time-to-live in seconds of the search artifacts if an RSS action is triggered.
`void`	`setActions(String actions)` Sets whichs actions to enable.
`void`	`setActionScriptCommand(String command)` Sets the search command (or pipeline) that runs the action.
`void`	`setActionScriptFilename(String filename)` Sets the file name of the script to call.
`void`	`setActionScriptHostname(String hostname)` Sets the host name used in the web link (URL) to send in script alerts.
`void`	`setActionScriptMaxResults(int maxResults)` Sets the maximum number of search results to send in script alerts.
`void`	`setActionScriptMaxTime(String maxTime)` Sets the maximum amount of time a script action takes before the action is canceled.
`void`	`setActionScriptTrackAlert(boolean trackAlert)` Sets whether running this script action results in a trackable alert.
`void`	`setActionScriptTtl(String ttl)` Sets the minimum time-to-live in seconds of the search artifacts if a script action is triggered.
`void`	`setActionSummaryIndexCommand(String command)` Sets the search command (or pipeline) that runs the action.
`void`	`setActionSummaryIndexHostname(String hostname)` Sets the host name used in the web link (URL) to send in summary-index alerts.
`void`	`setActionSummaryIndexInline(boolean inline)` Sets whether to run the summary indexing action as part of the scheduled search.
`void`	`setActionSummaryIndexMaxResults(int maxResults)` Sets the maximum number of search results to send in summary-index alerts.
`void`	`setActionSummaryIndexMaxTime(String maxTime)` Sets the maximum amount of time a summary-index action takes before the action is canceled.
`void`	`setActionSummaryIndexName(String name)` Sets the name of the summary index where the results of the scheduled search are saved.
`void`	`setActionSummaryIndexTrackAlert(boolean trackAlert)` Sets whether running summary-index action results in a trackable alert.
`void`	`setActionSummaryIndexTtl(String ttl)` Sets the minimum time-to-live in seconds of the search artifacts if a summary-index action is triggered.
`void`	`setAlertComparator(String comparator)` Sets the alert comparator.
`void`	`setAlertCondition(String conditional)` Sets a conditional search that is evaluated against the results of the saved search.
`void`	`setAlertDigestMode(boolean digest)` Sets whether Splunk applies the alert actions to the entire result set or on each individual result.
`void`	`setAlertExpires(String period)` Sets the period of time to show the alert in the dashboard.
`void`	`setAlertSeverity(int severity)` Sets the alert severity level, which is an integer from 1-6 (1=DEBUG, 2=INFO, 3=WARN, 4=ERROR, 5=SEVERE, 6=FATAL).
`void`	`setAlertSuppress(boolean suppress)` Sets whether to enable alert suppression for this scheduled search.
`void`	`setAlertSuppressFields(String fields)` Specifies a list of fields to use for alert suppression.
`void`	`setAlertSuppressPeriod(String period)` Sets the period for alert suppression.
`void`	`setAlertThreshold(String threshold)` Sets the value to compare to before triggering the alert action.
`void`	`setAlertTrack(String track)` Sets how to track the actions triggered by this saved search.
`void`	`setAlertType(String type)` Sets a value that indicates what to base the alert on.
`void`	`setCronSchedule(String cronSchedule)` Sets the cron schedule for running this saved search.
`void`	`setDescription(String description)` Sets the description of this saved search.
`void`	`setDisabled(boolean disabled)` Sets whether the saved search is disabled.
`void`	`setDispatchBuckets(int buckets)` Sets the maximum number of timeline buckets.
`void`	`setDispatchBuckets(String buckets)` Deprecated. Use `setDispatchBuckets(int)` instead.
`void`	`setDispatchEarliestTime(String earliestTime)` Sets the earliest time for this search.
`void`	`setDispatchLatestTime(String latestTime)` Sets the latest time for this search.
`void`	`setDispatchLookups(boolean lookups)` Sets whether to enable lookups for this search.
`void`	`setDispatchMaxCount(int max)` Sets the maximum number of results before finalizing the search.
`void`	`setDispatchMaxTime(int max)` Sets the maximum time before finalizing the search.
`void`	`setDispatchRealTimeBackfill(boolean backfill)` Sets whether to back fill the real-time window for this search.
`void`	`setDispatchReduceFrequency(int seconds)` Sets how frequently Splunk should run the MapReduce reduce phase on accumulated map values.
`void`	`setDispatchSpawnProcess(boolean spawn)` Sets whether Splunk spawns a new search process when running this saved search.
`void`	`setDispatchTimeFormat(String format)` Sets the time format used to specify the earliest and latest times for this search.
`void`	`setDispatchTtl(String format)` Sets the minimum time-to-live in seconds of the search artifacts if no actions are triggered.
`void`	`setDisplayView(String view)` Sets the default view in which to load the results.
`void`	`setIsScheduled(boolean value)` Sets whether this search runs on a schedule.
`void`	`setIsVisible(boolean value)` Sets whether this search appears in the visible list of saved searches.
`void`	`setMaxConcurrent(int max)` Sets the maximum number of concurrent instances of this search the scheduler is allowed to run.
`void`	`setRealtimeSchedule(boolean value)` Sets how the scheduler computes the next time a scheduled search is run.
`void`	`setRequestUiDispatchApp(String app)` Sets the app in which Splunk Web dispatches this search.
`void`	`setRequestUiDispatchView(String view)` Sets the view in which Splunk Web displays this search.
`void`	`setRestartOnSearchpeerAdd(boolean restart)` Deprecated. Use `setRestartOnSearchPeerAdd(boolean)` instead.
`void`	`setRestartOnSearchPeerAdd(boolean restart)` Sets whether a real-time search managed by the scheduler is restarted when a search peer becomes available for this saved search.
`void`	`setRunOnStartup(boolean startup)` Sets whether this search is run when Splunk starts.
`void`	`setSearch(String search)` Sets the search query for this saved search.
`void`	`setVsid(String vsid)` Sets the view state ID that is associated with the view specified in the `DisplayView` attribute.
`void`	`update()` Updates the entity with the accumulated arguments, established by the individual setter methods for each specific entity class.
`void`	`update(Map<String,Object> args)` Updates the entity with the values you previously set using the setter methods, and any additional specified arguments.

Methods inherited from class com.splunk.Entity
clear, containsKey, containsValue, disable, enable, entrySet, get, getContent, getMetadata, isDisabled, isEmpty, isNameChangeAllowed, keySet, put, putAll, refresh, remove, remove, size, validate, values

Methods inherited from class com.splunk.Resource
getName, getPath, getService, getTitle, getUpdated, invalidate

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface java.util.Map
compute, computeIfAbsent, computeIfPresent, equals, forEach, getOrDefault, hashCode, merge, putIfAbsent, remove, replace, replace, replaceAll

- Method Detail
  - acknowledge
```
public void acknowledge()
```
    Acknowledges the suppression of alerts from this saved search and resumes alerting.
  - actionPath
```
protected String actionPath(String action)
```
    Returns the path that corresponds to the requested action.
    
    Overrides:
    
    actionPath in class Entity
    
    Parameters:
    
    action - The requested action.
    
    Returns:
    
    The return path.
  - dispatch
```
public Job dispatch()
             throws InterruptedException
```
    Runs the saved search.
    
    Returns:
    
    The search job.
    
    Throws:
    
    InterruptedException - The InterruptedException instance
  - dispatch
```
public Job dispatch(Map args)
             throws InterruptedException
```
    Runs the saved search using dispatch arguments.
    Parameters:
    args - Dispatch arguments:
    
    "dispatch.now": A time string that is used to dispatch the search as though the specified time were the current time.
    
    "dispatch.*": Overwrites the value of the search field specified in "*".
    
    "trigger_actions": A Boolean that indicates whether to trigger alert actions.
    
    "force_dispatch": A Boolean that indicates whether to start a new search if another instance of this search is already running.
    Returns:
    
    The search job.
    
    Throws:
    
    InterruptedException - The InterruptedException instance
  - dispatch
```
public Job dispatch(SavedSearchDispatchArgs args)
             throws InterruptedException
```
    Runs the saved search using dispatch arguments.
    
    Parameters:
    
    args - Dispatch arguments (see SavedSearchDispatchArgs).
    
    Returns:
    
    The search job.
    
    Throws:
    
    InterruptedException - The InterruptedException instance
  - history
```
public Job[] history()
```
    Returns an array of search jobs created from this saved search.
    
    Returns:
    
    An array of search jobs.
  - history
```
public Job[] history(Map<String,Object> args)
```
    Returns an array of search jobs based on passed search arguments
    
    Parameters:
    
    args -
    
    Returns:
    
    An array of search jobs
  - getActionEmailAuthPassword
```
public String getActionEmailAuthPassword()
```
    Returns the email password.
    
    Returns:
    
    The email password.
  - getActionEmailAuthUsername
```
public String getActionEmailAuthUsername()
```
    Returns the email username.
    
    Returns:
    
    The email username.
  - getActionEmailBcc
```
public String getActionEmailBcc()
```
    Returns the blind carbon copy (BCC) email address.
    
    Returns:
    
    The BCC address.
  - getActionEmailCc
```
public String getActionEmailCc()
```
    Returns the carbon copy (CC) email address.
    
    Returns:
    
    The CC address.
  - getActionEmailCommand
```
public String getActionEmailCommand()
```
    Returns the search command (or pipeline) that runs the action.
    Generally, this command is a template search pipeline that is realized with values from the saved search. To reference saved search field values, wrap them in "$". For example, use "$name$" to reference the saved search name, or use "$search$" to reference the search query.
    
    Returns:
    
    The search command (or pipeline).
  - getActionEmailFormat
```
public String getActionEmailFormat()
```
    Returns the format of text in the email. This value also applies to any attachments formats. Valid values are: "plain", "html", "raw", and "csv".
    
    Returns:
    
    The email format.
  - getActionEmailFrom
```
public String getActionEmailFrom()
```
    Returns the email sender's name.
    
    Returns:
    
    The sender's name.
  - getActionEmailHostname
```
public String getActionEmailHostname()
```
    Returns the host name used in the web link (URL) that is sent in email alerts. Valid forms are "hostname" and "protocol://hostname:port".
    
    Returns:
    
    The host name used in the URL.
  - getActionEmailInline
```
public boolean getActionEmailInline()
```
    Indicates whether the search results are contained in the body of the email.
    
    Returns:
    
    true if search results are contained in the body of the email, false if not.
  - getActionEmailMailServer
```
public String getActionEmailMailServer()
```
    Returns the address of the MTA server that is used to send the emails. If this attribute is not set, this value defaults to the setting in the alert_actions.conf file.
    
    Returns:
    
    The address of the MTA server.
  - getActionEmailMaxResults
```
public int getActionEmailMaxResults()
```
    Returns the maximum number of search results to send in email alerts.
    
    Returns:
    
    The maximum number of search results per email.
  - getActionEmailMaxTime
```
public String getActionEmailMaxTime()
```
    Returns the maximum amount of time an email action takes before the action is canceled. The valid format is number followed by a time unit ("s", "m", "h", or "d").
    
    Returns:
    
    The maximum amount of time.
  - getActionEmailPdfView
```
public String getActionEmailPdfView()
```
    Returns the name of the view to deliver if ActionEmailSendPdf is enabled.
    
    Returns:
    
    The name of the PDF view.
    
    See Also:
    
    getActionEmailSendPdf()
  - getActionEmailPreProcessResults
```
public String getActionEmailPreProcessResults()
```
    Returns the search string for pre-processing results before emailing them. Usually preprocessing consists of filtering out unwanted internal fields.
    
    Returns:
    
    The search string for pre-processing results.
  - getActionEmailReportPaperOrientation
```
public String getActionEmailReportPaperOrientation()
```
    Returns the paper orientation. Valid values are "portrait" and "landscape".
    
    Returns:
    
    The paper orientation.
  - getActionEmailReportPaperSize
```
public String getActionEmailReportPaperSize()
```
    Returns the paper size for PDFs. Valid values are: "letter", "legal", "ledger", "a2", "a3", "a4", and "a5".
    
    Returns:
    
    The paper size.
  - getActionEmailReportServerEnabled
```
public boolean getActionEmailReportServerEnabled()
```
    Indicates whether the PDF server is enabled.
    
    Returns:
    
    true if the PDF server is enabled, false if not.
  - getActionEmailReportServerUrl
```
public String getActionEmailReportServerUrl()
```
    Returns the URL of the PDF report server, if one is set up and available on the network.
    
    Returns:
    
    The URL of the PDF report server.
  - getActionEmailSendPdf
```
public boolean getActionEmailSendPdf()
```
    Indicates whether to create and send the results in PDF format.
    
    Returns:
    
    true if results are sent in PDF format, false if not.
  - getActionEmailSendResults
```
public boolean getActionEmailSendResults()
```
    Indicates whether search results are attached to an email.
    
    Returns:
    
    true if search results are attached to an email, false if not.
  - getActionEmailSubject
```
public String getActionEmailSubject()
```
    Returns the subject line of the email.
    
    Returns:
    
    The subject line of the email.
  - getActionEmailTo
```
public String getActionEmailTo()
```
    Returns a list of email recipients.
    
    Returns:
    
    A comma- or semicolon-delimited list of email recipients.
  - getActionEmailTrackAlert
```
public boolean getActionEmailTrackAlert()
```
    Indicates whether running this email action results in a trackable alert.
    
    Returns:
    
    true for a trackable alert, false if not.
  - getActionEmailTtl
```
public String getActionEmailTtl()
```
    Returns the minimum time-to-live (ttl) of search artifacts if this email action is triggered. If the value is a number followed by "p", it is the number of scheduled search periods.
    
    Returns:
    
    The minimum time-to-live in seconds, or the number of scheduled periods.
  - getActionEmailUseSsl
```
public boolean getActionEmailUseSsl()
```
    Indicates whether to use secure socket layer (SSL) when communicating with the SMTP server.
    
    Returns:
    
    true if SSL is used, false if not.
  - getActionEmailUseTls
```
public boolean getActionEmailUseTls()
```
    Indicates whether to use transport layer security (TLS) when communicating with the SMTP server.
    
    Returns:
    
    true if TLS is used, false if not.
  - getActionEmailWidthSortColumns
```
public boolean getActionEmailWidthSortColumns()
```
    Indicates whether columns should be sorted from least wide to most wide, left to right. This value is only used when ActionEmailFormat is "plain".
    
    Returns:
    
    true if columns are sorted from least wide to most wide, false if not.
    
    See Also:
    
    getActionEmailFormat()
  - getActionPopulateLookupCommand
```
public String getActionPopulateLookupCommand()
```
    Returns the search command (or pipeline) that runs the action.
    
    Returns:
    
    The search command (or pipeline).
  - getActionPopulateLookupDest
```
public String getActionPopulateLookupDest()
```
    Returns the name of the lookup table or lookup path to populate.
    
    Returns:
    
    The lookup name or path.
  - getActionPopulateLookupHostname
```
public String getActionPopulateLookupHostname()
```
    Returns the host name used in the web link (URL) that is sent in populate-lookup alerts. Valid forms are "hostname" and "protocol://hostname:port".
    
    Returns:
    
    The hostname used in the URL.
  - getActionPopulateLookupMaxResults
```
public int getActionPopulateLookupMaxResults()
```
    Returns the maximum number of search results to send in populate-lookup alerts.
    
    Returns:
    
    The maximum number of search results per alert.
  - getActionPopulateLookupMaxTime
```
public String getActionPopulateLookupMaxTime()
```
    Returns the maximum amount of time an alert action takes before the action is canceled. The valid format is number followed by a time unit ("s", "m", "h", or "d").
    
    Returns:
    
    The maximum amount of time.
  - getActionPopulateLookupTrackAlert
```
public boolean getActionPopulateLookupTrackAlert()
```
    Indicates whether running this populate-lookup action results in a trackable alert.
    
    Returns:
    
    true for a trackable alert, false if not.
  - getActionPopulateLookupTtl
```
public String getActionPopulateLookupTtl()
```
    Returns the minimum time-to-live (ttl) of search artifacts if this populate-lookup action is triggered. If the value is a number followed by "p", it is the number of scheduled search periods.
    
    Returns:
    
    The minimum time-to-live in seconds, or the number of scheduled periods.
  - getActionRssCommand
```
public String getActionRssCommand()
```
    Returns the search command (or pipeline) that runs the action.
    
    Returns:
    
    The search command (or pipeline).
  - getActionRssHostname
```
public String getActionRssHostname()
```
    Returns the host name used in the web link (URL) that is sent in RSS alerts. Valid forms are "hostname" and "protocol://hostname:port".
    
    Returns:
    
    The host name used in the URL.
  - getActionRssMaxResults
```
public int getActionRssMaxResults()
```
    Returns the maximum number of search results to send in RSS alerts.
    
    Returns:
    
    The maximum number of search results per alert.
  - getActionRssMaxTime
```
public String getActionRssMaxTime()
```
    Returns the maximum amount of time an RSS alert action takes before the action is canceled. The valid format is number followed by a time unit ("s", "m", "h", or "d").
    
    Returns:
    
    The maximum amount of time.
  - getActionRssTrackAlert
```
public boolean getActionRssTrackAlert()
```
    Indicates whether running this RSS action results in a trackable alert.
    
    Returns:
    
    true for a trackable alert, false if not.
  - getActionRssTtl
```
public String getActionRssTtl()
```
    Returns the minimum time-to-live (ttl) of search artifacts if this RSS action is triggered. If the value is a number followed by "p", it is the number of scheduled search periods.
    
    Returns:
    
    The minimum time-to-live in seconds, or the number of scheduled periods.
  - getActionScriptCommand
```
public String getActionScriptCommand()
```
    Returns the search command (or pipeline) that runs the action.
    
    Returns:
    
    The search command (or pipeline).
  - getActionScriptFilename
```
public String getActionScriptFilename()
```
    Returns the filename of the script to call.
    
    Returns:
    
    The filename of the script.
  - getActionScriptHostname
```
public String getActionScriptHostname()
```
    Returns the host name used in the web link (URL) that is sent in script alerts. Valid forms are "hostname" and "protocol://hostname:port".
    
    Returns:
    
    The host name used in the URL.
  - getActionScriptMaxResults
```
public int getActionScriptMaxResults()
```
    Returns the maximum number of search results to send in script alerts.
    
    Returns:
    
    The maximum number of search results per alert.
  - getActionScriptMaxTime
```
public String getActionScriptMaxTime()
```
    Returns the maximum amount of time a script action takes before the action is canceled. The valid format is number followed by a time unit ("s", "m", "h", or "d").
    
    Returns:
    
    The maximum amount of time.
  - getActionScriptTrackAlert
```
public boolean getActionScriptTrackAlert()
```
    Indicates whether running this script action results in a trackable alert.
    
    Returns:
    
    true for a trackable alert, false if not.
  - getActionScriptTtl
```
public String getActionScriptTtl()
```
    Returns the minimum time-to-live (ttl) of search artifacts if this script action is triggered. If the value is a number followed by "p", it is the number of scheduled search periods.
    
    Returns:
    
    The minimum time-to-live in seconds, or the number of scheduled periods.
  - getActionSummaryIndexName
```
public String getActionSummaryIndexName()
```
    Returns the name of the summary index where the results of the scheduled search are saved.
    
    Returns:
    
    The name of the summary index.
  - getActionSummaryIndexCommand
```
public String getActionSummaryIndexCommand()
```
    Returns the search command (or pipeline) that runs the action.
    Generally, this command is a template search pipeline that is realized with values from the saved search. To reference saved search field values, wrap them in "$". For example, use "$name$" to reference the saved search name, or use "$search$" to reference the search query.
    
    Returns:
    
    The search command (or pipeline).
  - getActionSummaryIndexHostname
```
public String getActionSummaryIndexHostname()
```
    Returns the host name used in the web link (URL) that is sent in summary-index alerts. Valid forms are "hostname" and "protocol://hostname:port".
    
    Returns:
    
    The host name used in the URL.
  - getActionSummaryIndexInline
```
public boolean getActionSummaryIndexInline()
```
    Indicates whether to run the summary indexing action as part of the scheduled search.
    
    Returns:
    
    true if the summary indexing action runs with the scheduled search, false if not.
  - getActionSummaryIndexMaxResults
```
public int getActionSummaryIndexMaxResults()
```
    Returns the maximum number of search results to send in summary-index alerts.
    
    Returns:
    
    The maximum number of search results per alert.
  - getActionSummaryIndexMaxTime
```
public String getActionSummaryIndexMaxTime()
```
    Returns the maximum amount of time a summary action takes before the action is canceled. The valid format is number followed by a time unit ("s", "m", "h", or "d").
    
    Returns:
    
    The maximum amount of time.
  - getActionSummaryIndexTrackAlert
```
public boolean getActionSummaryIndexTrackAlert()
```
    Indicates whether running this summary-index action results in a trackable alert.
    
    Returns:
    
    true for a trackable alert, false if not.
  - getActionSummaryIndexTtl
```
public String getActionSummaryIndexTtl()
```
    Returns the minimum time-to-live (ttl) of search artifacts if a summary-index action is triggered. If the value is a number followed by "p", it is the number of scheduled search periods.
    
    Returns:
    
    The minimum time-to-live in seconds, or the number of scheduled periods.
  - getAlertDigestMode
```
public boolean getAlertDigestMode()
```
    Indicates whether Splunk applies the alert actions to the entire result set (digest) or to each individual search result (per result).
    
    Returns:
    
    true if Splunk applies the alert actions to the entire result set (digest), false if actions are applied to individual search results (per result).
  - getAlertExpires
```
public String getAlertExpires()
```
    Returns the amount of time to show the alert in the dashboard. The valid format is number followed by a time unit ("s", "m", "h", or "d").
    
    Returns:
    
    The amount of time.
  - getAlertSeverity
```
public int getAlertSeverity()
```
    Returns the alert severity level. Valid values are: 1=DEBUG, 2=INFO, 3=WARN, 4=ERROR, 5=SEVERE, 6=FATAL.
    
    Returns:
    
    The alert severity level.
  - getAlertSuppress
```
public boolean getAlertSuppress()
```
    Indicates whether alert suppression is enabled for this search.
    
    Returns:
    
    true if alert suppression is enabled for this search, false if not.
  - getAlertSuppressFields
```
public String getAlertSuppressFields()
```
    Returns a list of fields to use for alert suppression.
    
    Returns:
    
    A comma-delimited list of fields.
  - getAlertSuppressPeriod
```
public String getAlertSuppressPeriod()
```
    Returns the alert suppression period, which is only valid if AlertSuppress is enabled. The valid format is number followed by a time unit ("s", "m", "h", or "d").
    
    Returns:
    
    The alert suppression period.
    
    See Also:
    
    getAlertSuppress()
  - getAlertTrack
```
public String getAlertTrack()
```
    Returns a value that indicates how to track the actions triggered by this saved search. Valid values are: "true" (enabled), "false" (disabled), and "auto" (tracking is based on the setting of each action).
    
    Returns:
    
    The alert tracking setting.
  - getAlertComparator
```
public String getAlertComparator()
```
    Returns the alert comparator. Valid values are: "greater than", "less than", "equal to", "rises by", "drops by", "rises by perc", and "drops by perc".
    
    Returns:
    
    The alert comparator.
  - getAlertCondition
```
public String getAlertCondition()
```
    Returns a conditional search that is evaluated against the results of the saved search.
    
    Returns:
    
    A conditional search string.
  - getAlertThreshold
```
public String getAlertThreshold()
```
    Returns the value to compare to before triggering the alert action. If this value is expressed as a percentage, it indicates the value to use when AlertComparator is set to "rises by perc" or "drops by perc."
    
    Returns:
    
    The alert threshold value.
    
    See Also:
    
    getAlertComparator()
  - getAlertType
```
public String getAlertType()
```
    Returns a value that indicates what to base the alert on. Valid values are: "always", "custom", "number of events", "number of hosts", and "number of sources". This value is overridden by AlertCondition if specified.
    
    Returns:
    
    The alert trigger type.
    
    See Also:
    
    getAlertCondition()
  - getCronSchedule
```
public String getCronSchedule()
```
    Returns the cron-style schedule for running this saved search.
    
    Returns:
    
    The schedule, as a valid cron-style string.
  - getDescription
```
public String getDescription()
```
    Returns a description of this saved search.
    
    Returns:
    
    A description of the saved search.
  - getDispatchBuckets
```
public int getDispatchBuckets()
```
    Returns the maximum number of timeline buckets.
    
    Returns:
    
    The maximum number of timeline buckets.
  - getDispatchEarliestTime
```
public String getDispatchEarliestTime()
```
    Returns the earliest time for this search. This value can be a relative or absolute time (as formatted by DispatchTimeFormat).
    
    Returns:
    
    The earliest time for this search.
    
    See Also:
    
    getDispatchTimeFormat()
  - getDispatchLatestTime
```
public String getDispatchLatestTime()
```
    Returns the latest time for this search. This value can be a relative or absolute time (as formatted by DispatchTimeFormat).
    
    Returns:
    
    The latest time for this search.
    
    See Also:
    
    getDispatchTimeFormat()
  - getDispatchLookups
```
public boolean getDispatchLookups()
```
    Indicates whether lookups are enabled for this search.
    
    Returns:
    
    true if lookups are enabled, false if not.
  - getDispatchMaxCount
```
public int getDispatchMaxCount()
```
    Returns the maximum number of results before finalizing the search.
    
    Returns:
    
    The maximum number of results.
  - getDispatchMaxTime
```
public int getDispatchMaxTime()
```
    Returns the maximum amount of time before finalizing the search.
    
    Returns:
    
    The maximum amount of time, in seconds.
  - getDispatchReduceFrequency
```
public int getDispatchReduceFrequency()
```
    Returns how frequently Splunk runs the MapReduce reduce phase on accumulated map values.
    
    Returns:
    
    The reduce frequency.
  - getDispatchRtBackfill
```
public boolean getDispatchRtBackfill()
```
    Deprecated. Use getDispatchRealTimeBackfill() instead.
    
    Indicates whether to back fill the real-time window for this search. This attribute only applies to real-time searches.
    
    Returns:
    
    true if Splunk back fills the real-time window, false if not.
  - getDispatchRealTimeBackfill
```
public boolean getDispatchRealTimeBackfill()
```
    Indicates whether to back fill the real-time window for this search. This attribute only applies to real-time searches.
    
    Returns:
    
    true if Splunk back fills the real-time window, false if not.
  - getDispatchSpawnProcess
```
public boolean getDispatchSpawnProcess()
```
    Indicates whether Splunk spawns a new search process when running this saved search.
    
    Returns:
    
    true if Splunk spawns a new search process, false if not.
  - getDispatchTimeFormat
```
public String getDispatchTimeFormat()
```
    Returns the time format used to specify the earliest and latest times for this search.
    
    Returns:
    
    The time format.
  - getDispatchTtl
```
public String getDispatchTtl()
```
    Returns the time to live (ttl) for artifacts of the scheduled search (the time before the search job expires and artifacts are still available), if no alerts are triggered. If the value is a number followed by "p", it is the number of scheduled search periods.
    
    Returns:
    
    The time to live, in seconds or as a multiple of the scheduled search period.
  - getDisplayView
```
public String getDisplayView()
```
    Returns the default view in which to load results.
    
    Returns:
    
    The view name.
  - getMaxConcurrent
```
public int getMaxConcurrent()
```
    Returns the maximum number of concurrent instances of this search the scheduler is allowed to run.
    
    Returns:
    
    The maximum number of concurrent instances.
  - getNextScheduledTime
```
public Date getNextScheduledTime()
```
    Returns the next scheduled time.
    
    Returns:
    
    The next scheduled time.
  - getQualifiedSearch
```
public String getQualifiedSearch()
```
    Returns the qualified search.
    
    Returns:
    
    The qualified search.
  - getRealtimeSchedule
```
public boolean getRealtimeSchedule()
```
    Indicates whether the scheduler computes the next run time of a scheduled search based on the current time or on the last search run time (for continuous scheduling).
    
    Returns:
    
    true if the run time is based on current time, false if based on the previous search time.
  - getRequestUiDispatchApp
```
public String getRequestUiDispatchApp()
```
    Returns the app in which Splunk Web dispatches this search.
    
    Returns:
    
    The app name.
  - getRequestUiDispatchView
```
public String getRequestUiDispatchView()
```
    Returns the view in which Splunk Web displays this search.
    
    Returns:
    
    The view name.
  - getRestartOnSearchPeerAdd
```
public boolean getRestartOnSearchPeerAdd()
```
    Indicates whether a real-time search managed by the scheduler is restarted when a search peer becomes available for this saved search.
    
    Returns:
    
    true if a real-time search is restarted, false if not.
  - getRunOnStartup
```
public boolean getRunOnStartup()
```
    Indicates whether this search is run when Splunk starts. If the search is not run on startup, it runs at the next scheduled time.
    
    Returns:
    
    true if this search is run when Splunk starts, false if not.
  - getSearch
```
public String getSearch()
```
    Returns the search query for this saved search.
    
    Returns:
    
    The search query.
  - getVsid
```
public String getVsid()
```
    Returns the view state ID that is associated with the view specified in the DisplayView attribute. This ID corresponds to a stanza in the viewstates.conf configuration file.
    
    Returns:
    
    The view state ID.
    
    See Also:
    
    getDisplayView()
  - isActionEmail
```
public boolean isActionEmail()
```
    Indicates whether the email action is enabled.
    
    Returns:
    
    true if the email action is enabled, false if not.
  - isActionPopulateLookup
```
public boolean isActionPopulateLookup()
```
    Indicates whether the populate-lookup action is enabled.
    
    Returns:
    
    true if the populate-lookup action is enabled, false if not.
  - isActionRss
```
public boolean isActionRss()
```
    Indicates whether the RSS action is enabled.
    
    Returns:
    
    true if the RSS action is enabled, false if not.
  - isActionScript
```
public boolean isActionScript()
```
    Indicates whether the script action is enabled.
    
    Returns:
    
    true if the script action is enabled, false if not.
  - isActionSummaryIndex
```
public boolean isActionSummaryIndex()
```
    Indicates whether the summary-index action is enabled.
    
    Returns:
    
    true if the summary-index action is enabled, false if not.
  - isDigestMode
```
public boolean isDigestMode()
```
    Indicates whether Splunk applies the alert actions to the entire result set (digest) or to each individual search result (per result).
    
    Returns:
    
    true if actions are applied per digest, false if per result.
  - isScheduled
```
public boolean isScheduled()
```
    Indicates whether this search is run on a schedule.
    
    Returns:
    
    true if this search is run on a schedule, false if not.
  - isVisible
```
public boolean isVisible()
```
    Indicates whether the search should be visible in the saved search list.
    
    Returns:
    
    true if the search should be listed, false if not.
  - isEmbedEnabled
```
public boolean isEmbedEnabled()
```
    Indicates whether embedding is enabled for the search.
    
    Returns:
    
    true if the search is enabled for the search, false if not.
  - getEmbedToken
```
public String getEmbedToken()
```
    Returns the authorization token for embedding the search.
    
    Returns:
    
    The authorization token for embedding the search.
  - setActionEmailAuthPassword
```
public void setActionEmailAuthPassword(String password)
```
    Sets the password to use when authenticating with the SMTP server. Normally this value will be set when editing the email settings, however you can set a clear text password here and it will be encrypted on the next Splunk restart.
    
    Parameters:
    
    password - The password.
  - setActionEmailAuthUsername
```
public void setActionEmailAuthUsername(String username)
```
    Sets the username to use when authenticating the SMTP server. If this string is empty, authentication is not attempted.
    
    Parameters:
    
    username - The username for authentication.
  - setActionEmailBcc
```
public void setActionEmailBcc(String bcc)
```
    Sets the blind carbon copy (BCC) email address to use for email alerts.
    
    Parameters:
    
    bcc - The BCC email address.
    
    See Also:
    
    isActionEmail()
  - setActionEmailCc
```
public void setActionEmailCc(String cc)
```
    Sets the carbon copy (CC) email address to use for email alerts.
    
    Parameters:
    
    cc - The CC email address.
    
    See Also:
    
    isActionEmail()
  - setActionEmailCommand
```
public void setActionEmailCommand(String command)
```
    Returns the search command (or pipeline) that runs the action.
    Generally, this command is a template search pipeline that is realized with values from the saved search. To reference saved search field values, wrap them in "$". For example, use "$name$" to reference the saved search name, or use "$search$" to reference the search query.
    
    Parameters:
    
    command - The search command (or pipeline).
  - setActionEmailFormat
```
public void setActionEmailFormat(String format)
```
    Sets the format of text in the email. This value also applies to any attachments formats. Valid values are: "plain", "html", "raw", and "csv".
    
    Parameters:
    
    format - The email format.
  - setActionEmailFrom
```
public void setActionEmailFrom(String from)
```
    Sets the email sender's name.
    
    Parameters:
    
    from - The sender's name.
  - setActionEmailHostname
```
public void setActionEmailHostname(String hostname)
```
    Sets the host name used in the web link (URL) to send in email alerts. Valid forms are "hostname" and "protocol://hostname:port".
    
    Parameters:
    
    hostname - The host name to use in the URL.
  - setActionEmailInline
```
public void setActionEmailInline(boolean inline)
```
    Sets whether the search results are contained in the body of the email.
    
    Parameters:
    
    inline - true to include search results in the body of the email, false if not.
  - setActionEmailMailServer
```
public void setActionEmailMailServer(String mailServer)
```
    Sets the address of the MTA server that is used to send the emails. If this parameter is not set, the value defaults to the setting in the alert_actions.conf file.
    
    Parameters:
    
    mailServer - The address of the MTA server.
  - setActionEmailMaxResults
```
public void setActionEmailMaxResults(int maxResults)
```
    Sets the maximum number of search results to send in email alerts.
    
    Parameters:
    
    maxResults - The maximum number of search results per alert.
  - setActionEmailMaxTime
```
public void setActionEmailMaxTime(String maxTime)
```
    Sets the maximum amount of time an email action takes before the action is canceled. The valid format is number followed by a time unit ("s", "m", "h", or "d").
    
    Parameters:
    
    maxTime - The maximum amount of time.
  - setActionEmailPdfView
```
public void setActionEmailPdfView(String name)
```
    Sets the name of the view to deliver if ActionEmailSendPdf is enabled.
    
    Parameters:
    
    name - The name of the PDF view.
    
    See Also:
    
    getActionEmailSendPdf()
  - setActionEmailPreProcessResults
```
public void setActionEmailPreProcessResults(String preprocess)
```
    Sets the search string for pre-processing results before emailing them. Usually preprocessing consists of filtering out unwanted internal fields.
    
    Parameters:
    
    preprocess - The search string for pre-processing results.
  - setActionEmailReportPaperOrientation
```
public void setActionEmailReportPaperOrientation(String orientation)
```
    Sets the paper orientation. Valid values are "portrait" and "landscape".
    
    Parameters:
    
    orientation - The paper orientation.
  - setActionEmailReportPaperSize
```
public void setActionEmailReportPaperSize(String size)
```
    Sets the paper size for PDFs. Valid values are: "letter", "legal", "ledger", "a2", "a3", "a4", and "a5".
    
    Parameters:
    
    size - The paper size.
  - setActionEmailReportServerEnabled
```
public void setActionEmailReportServerEnabled(boolean pdfServerEnabled)
```
    Sets whether the PDF server is enabled.
    
    Parameters:
    
    pdfServerEnabled - true if the PDF server is enabled, false if not.
  - setActionEmailReportServerUrl
```
public void setActionEmailReportServerUrl(String pdfServerUrl)
```
    Sets the URL of the PDF report server.
    
    Parameters:
    
    pdfServerUrl - The URL of the PDF report server.
  - setActionEmailSendPdf
```
public void setActionEmailSendPdf(boolean sendPdf)
```
    Sets whether to create and send the results in PDF format.
    
    Parameters:
    
    sendPdf - true to send results in PDF format, false if not.
  - setActionEmailSendResults
```
public void setActionEmailSendResults(boolean sendResults)
```
    Sets whether to attach the search results to an email.
    
    Parameters:
    
    sendResults - true to attach search results to an email, false if not.
  - setActionEmailSubject
```
public void setActionEmailSubject(String subject)
```
    Sets the subject line of the email.
    
    Parameters:
    
    subject - The subject line of the email.
  - setActionEmailTo
```
public void setActionEmailTo(String to)
```
    Sets a list of email recipients.
    
    Parameters:
    
    to - A comma- or semicolon-delimited list of email recipients.
  - setActionEmailTrackAlert
```
public void setActionEmailTrackAlert(boolean trackAlert)
```
    Sets whether running this email action results in a trackable alert.
    
    Parameters:
    
    trackAlert - true for a trackable alert, false if not.
  - setActionEmailTtl
```
public void setActionEmailTtl(String ttl)
```
    Sets the minimum time-to-live in seconds of the search artifacts if an email action is triggered. If the value is a number followed by "p", it is the number of scheduled search periods.
    
    Parameters:
    
    ttl - The minimum time-to-live in seconds, or the number of scheduled periods.
  - setActionEmailUseSsl
```
public void setActionEmailUseSsl(boolean useSsl)
```
    Sets whether to use secure socket layer (SSL) when communicating with the SMTP server.
    
    Parameters:
    
    useSsl - true to use SSL, false if not.
  - setActionEmailUseTls
```
public void setActionEmailUseTls(boolean useTls)
```
    Sets whether to use transport layer security (TLS) when communicating with the SMTP server.
    
    Parameters:
    
    useTls - true to use TLS, false if not.
  - setActionEmailWidthSortColumns
```
public void setActionEmailWidthSortColumns(boolean widthSortColumns)
```
    Sets whether columns should be sorted from least wide to most wide, left to right. This value is only used when ActionEmailFormat is "plain".
    
    Parameters:
    
    widthSortColumns - true to sort columns from least wide to most wide, false if not.
    
    See Also:
    
    getActionEmailFormat()
  - setActionPopulateLookupCommand
```
public void setActionPopulateLookupCommand(String command)
```
    Sets the search command (or pipeline) that runs the action.
    
    Parameters:
    
    command - The search command (or pipeline).
  - setActionPopulateLookupDest
```
public void setActionPopulateLookupDest(String dest)
```
    Sets the name of the lookup table or lookup path to populate.
    
    Parameters:
    
    dest - The lookup name or path.
  - setActionPopulateLookupHostname
```
public void setActionPopulateLookupHostname(String hostname)
```
    Sets the host name used in the web link (URL) to send in populate-lookup alerts. Valid forms are "hostname" and "protocol://hostname:port".
    
    Parameters:
    
    hostname - The host name to use in the URL.
  - setActionPopulateLookupMaxResults
```
public void setActionPopulateLookupMaxResults(int maxResults)
```
    Sets the maximum number of search results to send in populate-lookup alerts.
    
    Parameters:
    
    maxResults - The maximum number of search results per alert.
  - setActionPopulateLookupMaxTime
```
public void setActionPopulateLookupMaxTime(String maxTime)
```
    Sets the maximum amount of time an alert action takes before the action is canceled. The valid format is number followed by a time unit ("s", "m", "h", or "d").
    
    Parameters:
    
    maxTime - The maximum amount of time.
  - setActionPopulateLookupTrackAlert
```
public void setActionPopulateLookupTrackAlert(boolean trackAlert)
```
    Sets whether running this populate-lookup action results in a trackable alert.
    
    Parameters:
    
    trackAlert - true for a trackable alert, false if not.
  - setActionPopulateLookupTtl
```
public void setActionPopulateLookupTtl(String ttl)
```
    Sets the minimum time-to-live (ttl) of the search artifacts if this populate-lookup action is triggered. If the value is a number followed by "p", it is the number of scheduled search periods.
    
    Parameters:
    
    ttl - The minimum time-to-live in seconds, or the number of scheduled periods.
  - setActionRssCommand
```
public void setActionRssCommand(String command)
```
    Sets the search command (or pipeline) that runs the action.
    Generally, this command is a template search pipeline that is realized with values from the saved search. To reference saved search field values, wrap them in "$". For example, use "$name$" to reference the saved search name, or use "$search$" to reference the search query.
    
    Parameters:
    
    command - The search command (or pipeline).
  - setActionRssHostname
```
public void setActionRssHostname(String hostname)
```
    Sets the host name to use in the web link (URL) to send in RSS alerts. Valid forms are "hostname" and "protocol://hostname:port".
    
    Parameters:
    
    hostname - The host name to use in the URL.
  - setActionRssMaxResults
```
public void setActionRssMaxResults(int maxResults)
```
    Sets the maximum number of search results to send in RSS alerts.
    
    Parameters:
    
    maxResults - The maximum number of search results per alert.
  - setActionRssMaxTime
```
public void setActionRssMaxTime(String maxTime)
```
    Sets the maximum amount of time an RSS action takes before the action is canceled. The valid format is number followed by a time unit ("s", "m", "h", or "d").
    
    Parameters:
    
    maxTime - The maximum amount of time.
  - setActionRssTrackAlert
```
public void setActionRssTrackAlert(boolean trackAlert)
```
    Sets whether running this RSS action results in a trackable alert.
    
    Parameters:
    
    trackAlert - true for a trackable alert, false if not.
  - setActionRssTtl
```
public void setActionRssTtl(String ttl)
```
    Sets the minimum time-to-live in seconds of the search artifacts if an RSS action is triggered. If the value is a number followed by "p", it is the number of scheduled search periods.
    
    Parameters:
    
    ttl - The minimum time-to-live in seconds, or the number of scheduled periods.
  - setActionScriptCommand
```
public void setActionScriptCommand(String command)
```
    Sets the search command (or pipeline) that runs the action.
    Generally, this command is a template search pipeline that is realized with values from the saved search. To reference saved search field values, wrap them in "$". For example, use "$name$" to reference the saved search name, or use "$search$" to reference the search query.
    
    Parameters:
    
    command - The search command (or pipeline).
  - setActionScriptFilename
```
public void setActionScriptFilename(String filename)
```
    Sets the file name of the script to call. This value is required if ActionScript is enabled.
    
    Parameters:
    
    filename - The file name of the script.
    
    See Also:
    
    isActionScript()
  - setActionScriptHostname
```
public void setActionScriptHostname(String hostname)
```
    Sets the host name used in the web link (URL) to send in script alerts. Valid forms are "hostname" and "protocol://hostname:port".
    
    Parameters:
    
    hostname - The host name to use in the URL.
  - setActionScriptMaxResults
```
public void setActionScriptMaxResults(int maxResults)
```
    Sets the maximum number of search results to send in script alerts.
    
    Parameters:
    
    maxResults - The maximum number of search results per alert.
  - setActionScriptMaxTime
```
public void setActionScriptMaxTime(String maxTime)
```
    Sets the maximum amount of time a script action takes before the action is canceled. The valid format is number followed by a time unit ("s", "m", "h", or "d").
    
    Parameters:
    
    maxTime - The maximum amount of time.
  - setActionScriptTrackAlert
```
public void setActionScriptTrackAlert(boolean trackAlert)
```
    Sets whether running this script action results in a trackable alert.
    
    Parameters:
    
    trackAlert - true for a trackable alert, false if not.
  - setActionScriptTtl
```
public void setActionScriptTtl(String ttl)
```
    Sets the minimum time-to-live in seconds of the search artifacts if a script action is triggered. If the value is a number followed by "p", it is the number of scheduled search periods.
    
    Parameters:
    
    ttl - The minimum time-to-live in seconds, or the number of scheduled periods.
  - setActionSummaryIndexName
```
public void setActionSummaryIndexName(String name)
```
    Sets the name of the summary index where the results of the scheduled search are saved.
    
    Parameters:
    
    name - The name of the summary index.
  - setActionSummaryIndexCommand
```
public void setActionSummaryIndexCommand(String command)
```
    Sets the search command (or pipeline) that runs the action.
    Generally, this command is a template search pipeline that is realized with values from the saved search. To reference saved search field values, wrap them in "$". For example, use "$name$" to reference the saved search name, or use "$search$" to reference the search query.
    
    Parameters:
    
    command - The search command (or pipeline).
  - setActionSummaryIndexHostname
```
public void setActionSummaryIndexHostname(String hostname)
```
    Sets the host name used in the web link (URL) to send in summary-index alerts. Valid forms are "hostname" and "protocol://hostname:port".
    
    Parameters:
    
    hostname - The host name to use in the URL.
  - setActionSummaryIndexInline
```
public void setActionSummaryIndexInline(boolean inline)
```
    Sets whether to run the summary indexing action as part of the scheduled search.
    
    Parameters:
    
    inline - true to run the summary indexing action with the scheduled search, false if not.
  - setActionSummaryIndexMaxResults
```
public void setActionSummaryIndexMaxResults(int maxResults)
```
    Sets the maximum number of search results to send in summary-index alerts.
    
    Parameters:
    
    maxResults - The maximum number of search results per alert.
  - setActionSummaryIndexMaxTime
```
public void setActionSummaryIndexMaxTime(String maxTime)
```
    Sets the maximum amount of time a summary-index action takes before the action is canceled. The valid format is number followed by a time unit ("s", "m", "h", or "d").
    
    Parameters:
    
    maxTime - The maximum amount of time.
  - setActionSummaryIndexTrackAlert
```
public void setActionSummaryIndexTrackAlert(boolean trackAlert)
```
    Sets whether running summary-index action results in a trackable alert.
    
    Parameters:
    
    trackAlert - true for a trackable alert, false if not.
  - setActionSummaryIndexTtl
```
public void setActionSummaryIndexTtl(String ttl)
```
    Sets the minimum time-to-live in seconds of the search artifacts if a summary-index action is triggered. If the value is a number followed by "p", it is the number of scheduled search periods.
    
    Parameters:
    
    ttl - The minimum time-to-live in seconds, or the number of scheduled periods.
  - setActions
```
public void setActions(String actions)
```
    Sets whichs actions to enable. Valid actions are: "email", "populate_lookup", "rss", "script", and "summary_index".
    
    Parameters:
    
    actions - A comma-separated list of actions.
  - setAlertDigestMode
```
public void setAlertDigestMode(boolean digest)
```
    Sets whether Splunk applies the alert actions to the entire result set or on each individual result.
    
    Parameters:
    
    digest - true if Splunk applies the alert actions to the entire result set (digest), false if actions are applied to individual search results (per result).
  - setAlertExpires
```
public void setAlertExpires(String period)
```
    Sets the period of time to show the alert in the dashboard. The valid format is number followed by a time unit ("s", "m", "h", or "d").
    
    Parameters:
    
    period - The amount of time.
  - setAlertSeverity
```
public void setAlertSeverity(int severity)
```
    Sets the alert severity level, which is an integer from 1-6 (1=DEBUG, 2=INFO, 3=WARN, 4=ERROR, 5=SEVERE, 6=FATAL).
    
    Parameters:
    
    severity - The alert severity level.
  - setAlertSuppress
```
public void setAlertSuppress(boolean suppress)
```
    Sets whether to enable alert suppression for this scheduled search.
    
    Parameters:
    
    suppress - true to enable alert suppression, false if not.
  - setAlertSuppressFields
```
public void setAlertSuppressFields(String fields)
```
    Specifies a list of fields to use for alert suppression. This attribute is required when alert suppression and per-result alerting are enabled.
    
    Parameters:
    
    fields - A comma-delimited list of fields.
    
    See Also:
    
    setAlertSuppress(boolean), isDigestMode()
  - setAlertSuppressPeriod
```
public void setAlertSuppressPeriod(String period)
```
    Sets the period for alert suppression. This attribute is only valid when AlertSuppress is enabled. The valid format is number followed by a time unit ("s", "m", "h", or "d").
    
    Parameters:
    
    period - The suppression period.
    
    See Also:
    
    setAlertSuppress(boolean)
  - setAlertTrack
```
public void setAlertTrack(String track)
```
    Sets how to track the actions triggered by this saved search. Valid values are: "true" (enabled), "false" (disabled), and "auto" (tracking is based on the setting of each action).
    
    Parameters:
    
    track - The alert tracking setting.
  - setAlertComparator
```
public void setAlertComparator(String comparator)
```
    Sets the alert comparator. Valid values are: "greater than", "less than", "equal to", "rises by", "drops by", "rises by perc", and "drops by perc".
    
    Parameters:
    
    comparator - The alert comparator.
  - setAlertCondition
```
public void setAlertCondition(String conditional)
```
    Sets a conditional search that is evaluated against the results of the saved search.
    Note: If you specify an alert_condition, do not set counttype, relation, or quantity.
    
    Parameters:
    
    conditional - A conditional search.
  - setAlertThreshold
```
public void setAlertThreshold(String threshold)
```
    Sets the value to compare to before triggering the alert action. If this value is expressed as a percentage, it indicates the value to use when AlertComparator is set to "rises by perc" or "drops by perc."
    
    Parameters:
    
    threshold - The threshold as a number or percentage (a number followed by "%").
    
    See Also:
    
    getAlertComparator()
  - setAlertType
```
public void setAlertType(String type)
```
    Sets a value that indicates what to base the alert on. Valid values are: "always", "custom", "number of events", "number of hosts", and "number of sources". This value is overridden by AlertCondition if specified.
    
    Parameters:
    
    type - The alert trigger type.
  - setCronSchedule
```
public void setCronSchedule(String cronSchedule)
```
    Sets the cron schedule for running this saved search.
    
    Parameters:
    
    cronSchedule - The schedule, as a valid cron-style string.
  - setDescription
```
public void setDescription(String description)
```
    Sets the description of this saved search.
    
    Parameters:
    
    description - The description.
  - setDisabled
```
public void setDisabled(boolean disabled)
```
    Sets whether the saved search is disabled. Disabled searches are not visible in Splunk Web.
    
    Parameters:
    
    disabled - true to disable the saved search, false to enable it.
  - setDispatchBuckets
```
public void setDispatchBuckets(String buckets)
```
    Deprecated. Use setDispatchBuckets(int) instead.
    
    Sets the maximum number of timeline buckets.
    
    Parameters:
    
    buckets - The maximum number of timeline buckets.
  - setDispatchBuckets
```
public void setDispatchBuckets(int buckets)
```
    Sets the maximum number of timeline buckets.
    
    Parameters:
    
    buckets - The maximum number of timeline buckets.
  - setDispatchEarliestTime
```
public void setDispatchEarliestTime(String earliestTime)
```
    Sets the earliest time for this search. This value can be a relative time, or absolute time as formatted by DispatchTimeFormat.
    
    Parameters:
    
    earliestTime - The earliest time for this search.
    
    See Also:
    
    getDispatchTimeFormat()
  - setDispatchLatestTime
```
public void setDispatchLatestTime(String latestTime)
```
    Sets the latest time for this search. This value can be a relative time, or absolute time as formatted by DispatchTimeFormat.
    
    Parameters:
    
    latestTime - The latest time for this search.
    
    See Also:
    
    getDispatchTimeFormat()
  - setDispatchLookups
```
public void setDispatchLookups(boolean lookups)
```
    Sets whether to enable lookups for this search.
    
    Parameters:
    
    lookups - true to enable lookups, false if not.
  - setDispatchMaxCount
```
public void setDispatchMaxCount(int max)
```
    Sets the maximum number of results before finalizing the search.
    
    Parameters:
    
    max - The maximum number of results.
  - setDispatchMaxTime
```
public void setDispatchMaxTime(int max)
```
    Sets the maximum time before finalizing the search.
    
    Parameters:
    
    max - The maximum time, in seconds.
  - setDispatchReduceFrequency
```
public void setDispatchReduceFrequency(int seconds)
```
    Sets how frequently Splunk should run the MapReduce reduce phase on accumulated map values.
    
    Parameters:
    
    seconds - The reduce frequency.
  - setDispatchRealTimeBackfill
```
public void setDispatchRealTimeBackfill(boolean backfill)
```
    Sets whether to back fill the real-time window for this search. This attribute only applies to real-time searches.
    
    Parameters:
    
    backfill - true if Splunk back fills the real-time window, false if not.
  - setDispatchSpawnProcess
```
public void setDispatchSpawnProcess(boolean spawn)
```
    Sets whether Splunk spawns a new search process when running this saved search. Searches against indexes must run in a separate process.
    
    Parameters:
    
    spawn - true if Splunk spawns a new search process, false if not.
  - setDispatchTimeFormat
```
public void setDispatchTimeFormat(String format)
```
    Sets the time format used to specify the earliest and latest times for this search.
    
    Parameters:
    
    format - The time format.
  - setDispatchTtl
```
public void setDispatchTtl(String format)
```
    Sets the minimum time-to-live in seconds of the search artifacts if no actions are triggered. If the value is a number followed by "p", it is the number of scheduled search periods.
    
    Parameters:
    
    format - The time to live, in seconds or as a multiple of the scheduled search period.
  - setDisplayView
```
public void setDisplayView(String view)
```
    Sets the default view in which to load the results.
    
    Parameters:
    
    view - The view name (not label).
  - setIsScheduled
```
public void setIsScheduled(boolean value)
```
    Sets whether this search runs on a schedule.
    
    Parameters:
    
    value - true to run this search on a schedule, false if not.
  - setIsVisible
```
public void setIsVisible(boolean value)
```
    Sets whether this search appears in the visible list of saved searches.
    
    Parameters:
    
    value - true to display this in the visible list, false if not.
  - setMaxConcurrent
```
public void setMaxConcurrent(int max)
```
    Sets the maximum number of concurrent instances of this search the scheduler is allowed to run.
    
    Parameters:
    
    max - The maximum number of concurrent instances.
  - setRealtimeSchedule
```
public void setRealtimeSchedule(boolean value)
```
    Sets how the scheduler computes the next time a scheduled search is run.
    - When true: The schedule is based on the current time. The scheduler might skip some scheduled periods to make sure that searches over the most recent time range are run.
    - When false: The schedule is based on the last search run time (referred to as "continuous scheduling") and the scheduler never skips scheduled periods. However, the scheduler might fall behind depending on its load. Use continuous scheduling whenever you enable the summary index option (ActionSummaryIndex).
    The scheduler tries to run searches that have real-time schedules enabled before running searches that have continuous scheduling enabled.
    Parameters:
    
    value - true to enable a real-time schedule for this search, false to enable continuous scheduling for this search.
    
    See Also:
    
    isActionSummaryIndex()
  - setRequestUiDispatchApp
```
public void setRequestUiDispatchApp(String app)
```
    Sets the app in which Splunk Web dispatches this search.
    
    Parameters:
    
    app - The app name.
  - setRequestUiDispatchView
```
public void setRequestUiDispatchView(String view)
```
    Sets the view in which Splunk Web displays this search.
    
    Parameters:
    
    view - The view name.
  - setRestartOnSearchpeerAdd
```
public void setRestartOnSearchpeerAdd(boolean restart)
```
    Deprecated. Use setRestartOnSearchPeerAdd(boolean) instead.
    
    Sets whether a real-time search managed by the scheduler is restarted when a search peer becomes available for this saved search.
    Note: The peer can be one that is newly added or one that has become available after being down.
    
    Parameters:
    
    restart - true to restart a real-time search, false if not.
  - setRestartOnSearchPeerAdd
```
public void setRestartOnSearchPeerAdd(boolean restart)
```
    Sets whether a real-time search managed by the scheduler is restarted when a search peer becomes available for this saved search.
    Note: The peer can be one that is newly added or one that has become available after being down.
    
    Parameters:
    
    restart - true to restart a real-time search, false if not.
  - setRunOnStartup
```
public void setRunOnStartup(boolean startup)
```
    Sets whether this search is run when Splunk starts. If the search is not run on startup, it runs at the next scheduled time.
    It is recommended that you set this value to true for scheduled searches that populate lookup tables.
    
    Parameters:
    
    startup - true to run this search when Splunk starts, false if not.
  - setSearch
```
public void setSearch(String search)
```
    Sets the search query for this saved search.
    
    Parameters:
    
    search - The search query.
  - setVsid
```
public void setVsid(String vsid)
```
    Sets the view state ID that is associated with the view specified in the DisplayView attribute.
    Note: This ID must match a stanza in the from the viewstates.conf configuration file.
    
    Parameters:
    
    vsid - The view state ID.
    
    See Also:
    
    getDisplayView()
  - update
```
public void update(Map<String,Object> args)
```
    Updates the entity with the values you previously set using the setter methods, and any additional specified arguments. The specified arguments take precedent over the values that were set using the setter methods.
    
    Overrides:
    
    update in class Entity
    
    Parameters:
    
    args - The arguments to update.
  - update
```
public void update()
```
    Updates the entity with the accumulated arguments, established by the individual setter methods for each specific entity class.
    
    Overrides:
    
    update in class Entity

Class SavedSearch

Nested Class Summary

Nested classes/interfaces inherited from interface java.util.Map

Field Summary

Fields inherited from class com.splunk.Entity

Fields inherited from class com.splunk.Resource

Method Summary

Methods inherited from class com.splunk.Entity

Methods inherited from class com.splunk.Resource

Methods inherited from class java.lang.Object

Methods inherited from interface java.util.Map

Method Detail

acknowledge

actionPath

dispatch

dispatch

dispatch

history

history

getActionEmailAuthPassword

getActionEmailAuthUsername

getActionEmailBcc

getActionEmailCc

getActionEmailCommand

getActionEmailFormat

getActionEmailFrom

getActionEmailHostname

getActionEmailInline

getActionEmailMailServer

getActionEmailMaxResults

getActionEmailMaxTime

getActionEmailPdfView

getActionEmailPreProcessResults

getActionEmailReportPaperOrientation

getActionEmailReportPaperSize

getActionEmailReportServerEnabled

getActionEmailReportServerUrl

getActionEmailSendPdf

getActionEmailSendResults

getActionEmailSubject

getActionEmailTo

getActionEmailTrackAlert

getActionEmailTtl

getActionEmailUseSsl

getActionEmailUseTls

getActionEmailWidthSortColumns

getActionPopulateLookupCommand

getActionPopulateLookupDest

getActionPopulateLookupHostname

getActionPopulateLookupMaxResults

getActionPopulateLookupMaxTime

getActionPopulateLookupTrackAlert

getActionPopulateLookupTtl

getActionRssCommand

getActionRssHostname

getActionRssMaxResults

getActionRssMaxTime

getActionRssTrackAlert

getActionRssTtl

getActionScriptCommand

getActionScriptFilename

getActionScriptHostname

getActionScriptMaxResults

getActionScriptMaxTime

getActionScriptTrackAlert

getActionScriptTtl

getActionSummaryIndexName

getActionSummaryIndexCommand

getActionSummaryIndexHostname

getActionSummaryIndexInline

getActionSummaryIndexMaxResults

getActionSummaryIndexMaxTime

getActionSummaryIndexTrackAlert

getActionSummaryIndexTtl

getAlertDigestMode

getAlertExpires

getAlertSeverity

getAlertSuppress

getAlertSuppressFields

getAlertSuppressPeriod