Fetch data using saved search

This example pipeline demonstrates how to use the saved search to fetch data from the Splunk repository.


Splunk Saved Search Pipeline

Download this pipeline.

Prerequisites

Create a saved search SplunkReport in Splunk with the query as shown below:


Splunk UI Configuration

  1. Configure the Splunk Saved Search Snap with Saved search name.
  2. Validate the Snap. On validation, the Snap fetches all the records under snapqa index.
    Splunk Saved Search Snap Configuration Splunk Saved Search Snap Output

    Splunk Saved Search Snap Configuration
    Splunk Saved Search Snap Output
To successfully reuse pipelines:
  1. Download and import the pipeline into SnapLogic.
  2. Configure Snap accounts as applicable.
  3. Provide pipeline parameters as applicable.