Hi all ,
I am using below url to get data from splunk
`https://hostname:8089/v7/services/search/jobs/export?output_mode=json&search=search * | stats max(_time) AS _time BY "pctIdle" | sort 0 - _time | head 1|rename "pctIdle" AS Value |eval formatted=strftime(_time,"%25Y-%25m-%25d %25H:%25M:%25S%25z")`
which is giving output continuously , even though i have mentioned head 1.
below is the actual query which gives one row.
`* | stats max(_time) AS _time BY "pctIdle" | sort 0 - _time | head 1|rename "pctIdle" AS Value |eval formatted=strftime(_time,"%Y-%m-%d %H:%M:%S%z"`
How do i achieve same from browser.
↧