splunk list-saved-searches
Access saved searches configuration.
Description
Access and create saved searches.
Synopsis
splunk list-saved-searches
--site <site>
[--count <count>]
[--sort_key <sort_key>]
[--sort_dir <sort_dir>]
Arguments
site
- (string)
Site where this command will be executed
Example: --site "site-1"
Default: input.site
Attributes: required
count
- (int)
Limit the number of results returned. Set 0 to return all results.
Example: --count 0
Default: 0
Attributes: optional
sort_key
- (string)
Field name to use for sorting.
Example: --sort_key "updated"
Default: updated
Attributes: optional
sort_dir
- (string)
Response sort order.
Example: --sort_dir "sort_dir-1"
Default: _None_
Attributes: optional
Validation:
allowed values: asc, desc
Examples
Input:
Output:UPDATED AUTHOR NAME
1970-01-01T05:30:00+05:30 nobody Bucket Merge Retrieve Conf Settings
1970-01-01T05:30:00+05:30 nobody Errors in the last 24 hours
1970-01-01T05:30:00+05:30 nobody Errors in the last hour
1970-01-01T05:30:00+05:30 nobody License Usage Data Cube
Access Control
To use this command, you need access to the following:
Field | Value |
---|---|
Action | "read" |
Service Type | "splunk" |
Service Instance | |
Namespace | |
Object Type | "search" |
Object ID |
Please see Access Control for details.