Alerting

How to see Alert search results in RSS feed

coresystems_scp
Engager

Hi,

I have created a Search that will display be some data, like number of sold license in the last 24 hours.
When running the search I can see the results in Splunk like this
ProductA 24
ProductB 10

But with RSS I don't see any search results, I just see that the query was running.

How can I see the search results in the RSS feed?

Thanks

Tags (2)

amit_saxena
Communicator

Hi,

I have successfully retrieved search results via RSS though indirectly. The steps for the same are as follows.

1) Extract RSS entry from RSS feed.
2) Extract the alert details and hence job name from RSS entry
3) Use REST API with this job name as input to get job results export in any format like rss, xml, json etc

Let me know if there are any queries.

Regards,
Amit Saxena

0 Karma

Ayn
Legend

Unfortunately there is currently no functionality for including search results in the RSS feed. This would be a great feature, so you should consider filing an ER for it.

Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...