API Guide

Trigger Job

The Trigger Job API is used to pull data from a customer's Splunk Enterprise or Cloud instance, and process those data through sRTMS.

HTTP POST

URL

https://<hostname>:<port>/job-rest-service/splunk/job

<hostname>: Azure hostname

<port>: Azure port

Header (JSON format)

Content-Type: application/json

Accept: application/json

X-MS-VERSION: v0.1.1

X-AD-Authorization: <azureToken>

Header (XML format)

Content-Type: application/xml

Accept: application/xml

X-MS-VERSION: v0.1.1

X-AD-Authorization: <azureToken>

Body (JSON format)

{

"jobName":"<jobName>",

"userName":"<splunkLogin>",

"password":"<splunkPwd>"

"url":"<splunkAPI>",

"deviceSearch":"<splunkDeviceSearch>",

"packageSearch":"<splunkPackageSearch>"

}

<jobName>: Use an exist Job Name's or create a new one

<splunkLogin>: Splunk instance's username

<splunkPwd>: Splunk instance's password

<splunkAPI>: Splunk URL "https://<hostname>:<port>"

<splunkDeviceSearch>: Splunk Device Search

<splunkPackageSearch>: Splunk Package Search

Body (XML format)

<jobName>[jobName]</jobName>

<userName>[snowLogin]</userName>

<password>[snowPwd]</password>

<url>[splunkAPI]</url>

<deviceSearch>[splunkDeviceSearch]</deviceSearch>

<packageSearch>[splunkPackageSearch]</packageSearch>

</JobArgs>

[jobName]: Use an exist Job Name's or create a new one

[splunkLogin]: Splunk instance's username

[splunkPwd]: Splunkinstance's password

[splunkAPI]: Splunk URL "https://<hostname>:<port>"

[splunkDeviceSearch]: Splunk Device Search

[splunkPackageSearch]: Splunk Package Search

Response

This request will return the Job ID session key "jobID". Please save this Job ID and use it in the Job Status API call.

Support

if you have questions or issues using the API, please contact us as support@fatstacks.tech