Categories

Versions

You are viewing the RapidMiner Studio documentation for version 9.7 - Check here for latest version

Search Splunk (Splunk)

Synopsis

Reads search results from a Splunk® server.

Description

This operator can be used to query a Splunk® server based on a query term and returns the results as an example set. Search results can be restricted by specifying a time frame.

Input

  • connection (Connection)

    This input port expects a Connection object if any. See the parameter connection entry for more information.

Output

  • result (IOObject)

    The example set consisting of the search results.

  • connection (Connection)

    This output port delivers the Connection object from the input port. If the input port is not connected the port delivers nothing.

Parameters

  • connection_source This parameter indicates how the connection should be specified. It gives you two options, predefined and repository. The parameter is not visible if the connection input port is connected. Range: selection
  • connection_entry This parameter is only available when the connection source parameter is set to repository. This parameter is used to specify a repository location that represents a connection entry. The connection can also be provided using the connection input port. Range: string
  • connection This parameter is only available when the connection source parameter is set to predefined. The Splunk® connection to use. Select a connection from the dropdown or click the button to create a new one. Range: configurable
  • query The Splunk® query in Splunk Process Language (SPL). Range: String
  • earliest_time If this parameter is set, it specifies the earliest time in the time range to search. Range: Time
  • latest_time If this parameter is set, it specifies the latest time in the time range to search. Range: Time
  • pagination If set, only a limited number of results will be returned, starting from a given offset. Range: Boolean
  • offset Offset from which the result set should start. Range: Integer
  • limit Maximum number of results to return. Range: Integer