acknowledge

splunkjs.Service.SavedSearch.acknowledge
Endpoint: saved/searches/{name}/acknowledge

Acknowledges the suppression of the alerts from a saved search and resumes alerting.

Syntax

acknowledge: function(callback)

Parameters

Name Type Description
callback Function

A function to call when the saved search is acknowledged: (err, savedSearch).

Examples

 var savedSearch = service.savedSearches().item("MySavedSearch");
 savedSearch.acknowledge(function(err, search) {
     console.log("ACKNOWLEDGED");
 });

alertCount

splunkjs.Service.SavedSearch.alertCount

Gets the count of triggered alerts for this savedSearch, defaulting to 0 when undefined.

Syntax

alertCount: function()

Return

Number.

The count of triggered alerts.

Examples

 var savedSearch = service.savedSearches().item("MySavedSearch");
 var alertCount = savedSearch.alertCount();

dispatch

splunkjs.Service.SavedSearch.dispatch
Endpoint: saved/searches/{name}/dispatch

Dispatches a saved search, which creates a search job and returns a splunkjs.Service.Job instance in the callback function.

Syntax

dispatch: function(options, callback)

Parameters

Name Type Description
options Object

The options for dispatching this saved search:
- dispatch.now (string): The time that is used to dispatch the search as though the specified time were the current time.
- dispatch.* (string): Overwrites the value of the search field specified in *.
- trigger_actions (boolean): Indicates whether to trigger alert actions.
- force_dispatch (boolean): Indicates whether to start a new search if another instance of this search is already running.

callback Function

A function to call when the saved search is dispatched: (err, job, savedSearch).

Examples

 var savedSearch = service.savedSearches().item("MySavedSearch");
 savedSearch.dispatch({force_dispatch: false}, function(err, job, savedSearch) {
     console.log("Job SID: ", job.sid);
 });

firedAlertGroup

splunkjs.Service.SavedSearch.firedAlertGroup

Gets the splunkjs.Service.FiredAlertGroup for firedAlerts associated with this saved search.

Syntax

firedAlertGroup: function()

Return

splunkjs.Service.FiredAlertGroup.

An AlertGroup object with the
same name as this SavedSearch object.

Examples

 var alerts = service.firedAlertGroups().item("MySavedSearch");

history

splunkjs.Service.SavedSearch.history
Endpoint: saved/searches/{name}/history

Retrieves the job history for a saved search, which is a list of splunkjs.Service.Job instances.

Syntax

history: function(options, callback)

Parameters

Name Type Description
options Object

Options for retrieving history. For a full list, see the Pagination and Filtering options in the REST API documentation.

callback Function

A function to call when the history is retrieved: (err, job, savedSearch).

Examples

 var savedSearch = service.savedSearches().item("MySavedSearch");
 savedSearch.history({count: 10}, function(err, jobs, search) {
     for(var i = 0; i < jobs.length; i++) {
         console.log("Job", i, ":", jobs[i].sid);
     }
 });

init

splunkjs.Service.SavedSearch.init

Constructor for splunkjs.Service.SavedSearch.

Syntax

init: function(service, name, namespace)

Parameters

Name Type Description
service splunkjs.Service

A Service instance.

name String

The name for the new saved search.

namespace Object

Namespace information:
- owner (string): The Splunk username, such as "admin". A value of "nobody" means no specific user. The "-" wildcard means all users.
- app (string): The app context for this resource (such as "search"). The "-" wildcard means all apps.
- sharing (string): A mode that indicates how the resource is shared. The sharing mode can be "user", "app", "global", or "system".

Return

splunkjs.Service.SavedSearch.

A new splunkjs.Service.SavedSearch instance.

path

splunkjs.Service.SavedSearch.path

Retrieves the REST endpoint path for this resource (with no namespace).

Syntax

path: function()

suppressInfo

splunkjs.Service.SavedSearch.suppressInfo
Endpoint: saved/searches/{name}/suppress

Retrieves the suppression state of a saved search.

Syntax

suppressInfo: function(callback)

Parameters

Name Type Description
callback Function

A function to call when the suppression state is retrieved: (err, suppressionState, savedSearch).

Examples

 var savedSearch = service.savedSearches().item("MySavedSearch");
 savedSearch.history(function(err, suppressionState, search) {
     console.log("STATE: ", suppressionState);
 });

update

splunkjs.Service.SavedSearch.update

Updates the saved search on the server.

Note: The search query is required, even when it isn't being modified. If you don't provide it, this method will fetch the search string from the server or from the local cache.

Syntax

update: function(params, callback)

Parameters

Name Type Description
props Object

The properties to update the saved search with. For a list of available parameters, see Saved search parameters on Splunk Developer Portal.

callback Function

A function to call when the object is updated: (err, entity).

_load

splunkjs.Service.Entity._load

Loads the entity and stores the properties.

Syntax

_load: function(properties)

Parameters

Name Type Description
properties Object

The properties for this entity.

acl

splunkjs.Service.Entity.acl

Retrieves the access control list (ACL) information for this entity, which contains the permissions for accessing the entity.

Syntax

acl: function()

Return

Object.

The ACL.

author

splunkjs.Service.Entity.author

Retrieves the author information for this entity.

Syntax

author: function()

Return

String.

The author.

del

splunkjs.Service.Endpoint.del

Performs a relative DELETE request on an endpoint's path, combined with the parameters and a relative path if specified.

Syntax

del: function(relpath, params, callback)

Parameters

Name Type Description
relpath String

A relative path to append to the endpoint path.

params Object

A dictionary of entity-specific parameters to add to the query string.

callback Function

A function to call when the request is complete: (err, response).

Examples

 // Will make a request to {service.prefix}/search/jobs/123456
 var endpoint = new splunkjs.Service.Endpoint(service, "search/jobs/12345");
 endpoint.delete("", {}, function() { console.log("DELETED"))});

disable

splunkjs.Service.Entity.disable

Disables the entity on the server.

Syntax

disable: function(callback)

Parameters

Name Type Description
callback Function

A function to call when the object is disabled: (err, entity).

enable

splunkjs.Service.Entity.enable

Enables the entity on the server.

Syntax

enable: function(callback)

Parameters

Name Type Description
callback Function

A function to call when the object is enabled: (err, entity).

fetch

splunkjs.Service.Entity.fetch

Refreshes the entity by fetching the object from the server and loading it.

Syntax

fetch: function(options, callback)

Parameters

Name Type Description
options Object

An optional dictionary of collection filtering and pagination options:
- count (integer): The maximum number of items to return.
- offset (integer): The offset of the first item to return.
- search (string): The search query to filter responses.
- sort_dir (string): The direction to sort returned items: “asc” or “desc”.
- sort_key (string): The field to use for sorting (optional).
- sort_mode (string): The collating sequence for sorting returned items: “auto”, “alpha”, “alpha_case”, or “num”.

callback Function

A function to call when the object is retrieved: (err, resource).

fetchOnUpdate

splunkjs.Service.Entity.fetchOnUpdate

A static property that indicates whether to call fetch after an update to get the updated entity. By default, the entity is not fetched because the endpoint returns (echoes) the updated entity.

fields

splunkjs.Service.Entity.fields

Retrieves the fields information for this entity, indicating which fields are wildcards, required, and optional.

Syntax

fields: function()

Return

Object.

The fields information.

get

splunkjs.Service.Endpoint.get

Performs a relative GET request on an endpoint's path, combined with the parameters and a relative path if specified.

Syntax

get: function(relpath, params, callback, isAsync)

Parameters

Name Type Description
relpath String

A relative path to append to the endpoint path.

params Object

A dictionary of entity-specific parameters to add to the query string.

callback Function

A function to call when the request is complete: (err, response).

Examples

 // Will make a request to {service.prefix}/search/jobs/123456/results?offset=1
 var endpoint = new splunkjs.Service.Endpoint(service, "search/jobs/12345");
 endpoint.get("results", {offset: 1}, function() { console.log("DONE"))});

post

splunkjs.Service.Endpoint.post

Performs a relative POST request on an endpoint's path, combined with the parameters and a relative path if specified.

Syntax

post: function(relpath, params, callback)

Parameters

Name Type Description
relpath String

A relative path to append to the endpoint path.

params Object

A dictionary of entity-specific parameters to add to the body.

callback Function

A function to call when the request is complete: (err, response).

Examples

 // Will make a request to {service.prefix}/search/jobs/123456/control
 var endpoint = new splunkjs.Service.Endpoint(service, "search/jobs/12345");
 endpoint.post("control", {action: "cancel"}, function() { console.log("CANCELLED"))});

properties

splunkjs.Service.Resource.properties

Retrieves the current properties for this resource.

Syntax

properties: function()

Return

Object.

The properties.

published

splunkjs.Service.Entity.published

Retrieves the published time for this entity.

Syntax

published: function()

Return

String.

The published time.

reload

splunkjs.Service.Entity.reload

Reloads the entity on the server.

Syntax

reload: function(callback)

Parameters

Name Type Description
callback Function

A function to call when the object is reloaded: (err, entity).

remove

splunkjs.Service.Entity.remove

Deletes the entity from the server.

Syntax

remove: function(callback)

Parameters

Name Type Description
callback Function

A function to call when the object is deleted: (err).

state

splunkjs.Service.Resource.state

Retrieves the current full state (properties and metadata) of this resource.

Syntax

state: function()

Return

Object.

The current full state of this resource.

updated

splunkjs.Service.Entity.updated

Retrieves the updated time for this entity.

Syntax

updated: function()

Return

String.

The updated time.